An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiMail version 7.2.0 up to and including 7.2.2 and prior to 7.0.5 allows an authenticated malicious user to inject HTML tags in FortiMail's calendar via input fields.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortimail 7.2.0 |
||
fortinet fortimail 7.2.1 |
||
fortinet fortimail 7.2.2 |
||
fortinet fortimail |