Unrated severityNVD Advisory· Published Oct 10, 2023· Updated Dec 16, 2025
CVE-2023-36556
CVE-2023-36556
Description
An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other users accounts from the same web domain via crafted HTTP or HTTPs requests.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.