FortiMail – User can see and modify address book folders title of other users

Fortiguard Security Advisory

An improper authorization vulnerability [CWE-285] in FortiMail webmail may allow an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.

READ MORE