A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to the FortiGuard URI protection service.
Metrics
Affected Vendors & Products
References
History
Tue, 22 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-02-02T11:08:07
Updated: 2024-10-22T21:01:19.534Z
Reserved: 2021-10-28T00:00:00
Link: CVE-2021-43062
Vulnrichment
Updated: 2024-08-04T03:47:13.228Z
NVD
Status : Analyzed
Published: 2022-02-02T11:15:07.887
Modified: 2022-03-04T16:33:09.800
Link: CVE-2021-43062
Redhat
No data.