4 matches found
EUVD-2025-202189
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...
CVE-2025-34409
CVE-2025-34409 affects MailEnable versions prior to 10.54 and is a reflected XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized for GET requests and is reflected in the response, allowing an attacker to close...
CVE-2025-34409 MailEnable < 10.54 Reflected XSS in Failed Parameter of MAI/AddRecipientsResult.aspx
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...
MailEnable 跨站脚本漏洞
MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...