Fortinet: >> Fortimail >> 5.4.11 Security Vulnerabilities
Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
CVSS Score
9.8
EPSS Score
0.012
Published
2021-07-09
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-07-09
Page 2