CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
88.2%
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
Vendor | Product | Version | CPE |
---|---|---|---|
mailenable | mailenable_professional | 1.0.004 | cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.005 | cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.006 | cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.007 | cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.008 | cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.009 | cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.010 | cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.011 | cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.012 | cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:* |
mailenable | mailenable_professional | 1.0.013 | cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:* |