CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1471

Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) the Add field for the Black List under Antispam Management User Preferences or (2) the User name field for the Personal Black/White List in the AntiSpam section.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.049

EPSS Ranking 89.2%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2013-1471

Fortinet » Fortimail » Version: Any

cpe:2.3:a:fortinet:fortimail:*
Fortinet » Fortimail » Version: 3.0

cpe:2.3:a:fortinet:fortimail:3.0
Fortinet » Fortimail » Version: 4.0

cpe:2.3:a:fortinet:fortimail:4.0
Fortinet » Fortimail-2000b » Version: N/A

cpe:2.3:h:fortinet:fortimail-2000b:-
Fortinet » Fortimail-200d » Version: N/A

cpe:2.3:h:fortinet:fortimail-200d:-
Fortinet » Fortimail-400c » Version: N/A

cpe:2.3:h:fortinet:fortimail-400c:-
Fortinet » Fortimail-5002b » Version: N/A

cpe:2.3:h:fortinet:fortimail-5002b:-
Fortinet » Fortimail-Vm2000 » Version: N/A

cpe:2.3:h:fortinet:fortimail-vm2000:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1471

Products

Pricing

Contact Us