PSIRT Advisory

Potential Web Vulnerabilities in FortiMail

Summary

Input filter bypass and exception handling vulnerabilities can be used by an attacker to hijack administrator or customer sessions within certain conditions.

Description

Input filter bypass and exception handling vulnerabilities can be used by an attacker to hijack administrator or customer sessions within certain conditions.

Impact

Exception Handling and Input Filter Bypass

Acknowledgement

Benjamin Kunz Mejri of Vulnerability Laboratory Research Team