I. VULNERABILITY ------------------------- XSS Reflected vulnerabilities in Fortimail version 5.2.1 II. BACKGROUND ------------------------- Fortinet?s industry-leading, Network Security Platforms deliver Next Generation Firewall (NGFW) security with exceptional throughput, ultra low latency, and multi-vector threat protection. III. DESCRIPTION ------------------------- Has been detected two XSS Reflected vulnerability in FortiMail in " /module/releasecontrol?release=" parameter ?release? that allows the execution of arbitrary HTML/script code to be executed in the context of the victim user's browser. IV. PROOF OF CONCEPT ------------------------- The application does not validate the parameter ?release? in ?/module/releasecontrol?release=? https://10.0.0.38/module/releasecontrol?release=1:aaa:aaaaaaa<script>a lert(document.cookie)</script> V. BUSINESS IMPACT ------------------------- Vulnerability allows the execution of arbitrary HTML/script code to be executed in the context of the victim user's browser. VI. REQUIREMENTS ----------------------- An Attacker needs to know the IP of the device. An Administrator needs an authenticated connection to the device. VII. SYSTEMS AFFECTED ------------------------- Try FortiMail version 5.2.1 VM VIII. SOLUTION ------------------------- Upgrade version 5.2.3 http://www.fortiguard.com/advisory/FG-IR-15-005/