PSIRT Advisory

FortiMail reflected XSS vulnerability under customized webmail login page

Summary

There exists a reflected cross-site scripting (XSS) vulnerability in the FortiMail customized pre-authentication webmail login page, allowing a successful attacker to run arbitrary JavaScript code in the security context of the victim's browser.

Impact

Cross-site scripting (XSS)

Affected Products

FortiMail 5.2.0 through 5.2.9

FortiMail 5.3.0 through 5.3.9

FortiMail 5.1 and below

Solutions

FortiMail 5.2 branch: upgrade to 5.2.10 or above.

FortiMail 5.3 branch: upgrade to 5.3.10 or above.

FortiMail 5.4 branch: not impacted.

FortiMail 5.1 and below: use the system default login portal instead of a customized webmail login portal.

Acknowledgement

Fortinet is pleased to thank Silas Aitchison for reporting this vulnerability under responsible disclosure.