.. / CVE-2021-43062

Exploit for Fortinet FortiMail 7.0.1 - Cross-Site Scripting (CVE-2021-43062)

Description:

A cross-site scripting vulnerability in FortiMail may allow an unauthenticated attacker to perform an attack via specially crafted HTTP GET requests to the FortiGuard URI protection service.

Nuclei Template

View the template here CVE-2021-43062.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-43062.yaml

References:

https://github.com/ARPSyndicate/cvemon
https://www.exploit-db.com/exploits/50759
https://www.fortiguard.com/psirt/FG-IR-21-185
https://nvd.nist.gov/vuln/detail/CVE-2021-43062
https://fortiguard.com/advisory/FG-IR-21-185

.. / CVE-2021-43062 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Fortinet FortiMail 7.0.1 - Cross-Site Scripting (CVE-2021-43062)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2021-43062