CVE-2017-3125
published 2017-04-12CVE-2017-3125: An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security…
medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security context of the browser of a victim logged in FortiMail, assuming the victim is social engineered into clicking an URL crafted by the attacker.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |