| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAOmMdVs2QDqFAcV=UMs_yvTgrxyf1qJWT-GF9KLOahKeT_FoYw@mail.gmail.com> Date: Thu, 26 Feb 2015 21:10:54 -0300 From: William Costa <william.costa@...il.com> To: fulldisclosure@...lists.org Subject: [FD] XSS Reflected vulnerabilities in Fortimail version 5.2.1 (CVE-2014-8617) I. VULNERABILITY ------------------------- XSS Reflected vulnerabilities in Fortimail version 5.2.1 II. BACKGROUND ------------------------- Fortinet’s industry-leading, Network Security Platforms deliver Next Generation Firewall (NGFW) security with exceptional throughput, ultra low latency, and multi-vector threat protection. III. DESCRIPTION ------------------------- Has been detected two XSS Reflected vulnerability in FortiMail in " /module/releasecontrol?release=" parameter “release” that allows the execution of arbitrary HTML/script code to be executed in the context of the victim user's browser. IV. PROOF OF CONCEPT ------------------------- The application does not validate the parameter “release“ in “/module/releasecontrol?release=“ https://10.0.0.38/module/releasecontrol?release=1:aaa:aaaaaaa<script>a lert(document.cookie)</script> V. BUSINESS IMPACT ------------------------- Vulnerability allows the execution of arbitrary HTML/script code to be executed in the context of the victim user's browser. VI. REQUIREMENTS ----------------------- An Attacker needs to know the IP of the device. An Administrator needs an authenticated connection to the device. VII. SYSTEMS AFFECTED ------------------------- Try FortiMail version 5.2.1 VM VIII. SOLUTION ------------------------- Upgrade version 5.2.3 http://www.fortiguard.com/advisory/FG-IR-15-005/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists