Unauthenticated XSS Vulnerability in FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8

Unauthenticated XSS Vulnerability in FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8

CVE-2017-3125 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security context of the browser of a victim logged in FortiMail, assuming the victim is social engineered into clicking an URL crafted by the attacker.

Learn more about our Social Engineering.