An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-11-14T18:07:46.082Z

Updated: 2024-08-30T18:10:16.620Z

Reserved: 2023-06-25T18:03:39.225Z

Link: CVE-2023-36633

cve-icon Vulnrichment

Updated: 2024-08-02T16:52:53.973Z

cve-icon NVD

Status : Analyzed

Published: 2023-11-14T18:15:49.107

Modified: 2023-11-20T18:42:29.633

Link: CVE-2023-36633

cve-icon Redhat

No data.