VYPR
Get started
← All advisories
Medium severity6.1NVD Advisory· Published Oct 26, 2017· Updated May 13, 2026

CVE-2017-7732

CVE-2017-7732

Description

A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet FortiMail 5.1 and earlier, 5.2.0 through 5.2.9, and 5.3.0 through 5.3.9 customized pre-authentication webmail login page allows attacker to inject arbitrary web script or HTML via crafted HTTP requests.

Affected products

36
  • Fortinet/Fortimail36 versions
    cpe:2.3:a:fortinet:fortimail:4.1.0:*:*:*:*:*:*:*+ 35 more
    • cpe:2.3:a:fortinet:fortimail:4.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:4.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:4.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:5.3.9:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.