VYPR
Unrated severityNVD Advisory· Published Oct 10, 2023· Updated Sep 18, 2024

CVE-2023-36637

CVE-2023-36637

Description

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiMail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to inject HTML tags in FortiMail's calendar via input fields.

Affected products

2
  • Fortinet/Fortimailllm-fuzzy2 versions
    >=7.2.0 <=7.2.2, <7.0.5+ 1 more
    • (no CPE)range: >=7.2.0 <=7.2.2, <7.0.5
    • (no CPE)range: 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.