CVE-2025-54972
An improper neutralization of crlf sequences ('crlf injection') vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5, FortiMail 7.2 all versions, FortiMail 7.0 all versions may allow an attacker to inject headers in the response via convincing a user to click on a specifically crafted link
Vendor
Product
CWE
Yayın Tarihi
2025-11-18 17:16:03
Güncelleme
2026-01-14 10:16:06
Source Identifier
psirt@fortinet.com
KEV Date Added
-