Vulnerabilities

CVE-2025-54972

by Fred · 18/11/2025

An improper neutralization of crlf sequences (‘crlf injection’) in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5, FortiMail 7.2 all versions, FortiMail 7.0 all versions may allow an attacker to inject headers in the response via convincing a user to click on a specifically crafted link

More information : https://fortiguard.fortinet.com/psirt/FG-IR-25-634

Similar

Tags: Cybersecurity Alert