Security Advisory

CVE-2023-36556

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-10 16:49:50

Last updated 2025-12-16 18:23:24

Assigner fortinet

State PUBLISHED

Description

An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other users accounts from the same web domain via crafted HTTP or HTTPs requests.

← Browse all CVEs View on cve.org ↗