CVE-2013-1471

FortiMail < 4.3.4 - Stored Cross-Site Scripting via Black List or Personal Black/White List

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-1471. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary The document describes multiple web vulnerabilities in Fortinet FortiMail 400 IBE, including XSS via exception-handling bypass and persistent XSS in certificate uploads. It provides detailed PoC examples but lacks executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) the Add field for the Black List under Antispam Management User Preferences or (2) the User name field for the Personal Black/White List in the AntiSpam section.

Exploits (1)

exploitdb WRITEUP
by Vulnerability-Lab · textwebappshardware
https://www.exploit-db.com/exploits/24435

The document describes multiple web vulnerabilities in Fortinet FortiMail 400 IBE, including XSS via exception-handling bypass and persistent XSS in certificate uploads. It provides detailed PoC examples but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target: Fortinet FortiMail Appliance Series 400 IBE (200D, 400C, VM2K, 2000B, 5002B)
Auth required
Prerequisites: Access to admin interface · Valid credentials for some modules
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.fortiguard.com/advisory/FG-IR-013-001.html

Scores

EPSS 0.0202
EPSS Percentile 78.6%

Details

CWE
CWE-79
Status published
Products (3)
fortinet/fortimail 3.0 mr2 (4 CPE variants)
fortinet/fortimail 4.0 (3 CPE variants)
fortinet/fortimail < 4.0
Published Feb 04, 2013
Tracked Since Feb 18, 2026