Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

205 matches found

NVD
NVDadded 2025/12/09 6:15 p.m.3 views

CVE-2025-34400

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...

6.1CVSS0.00324EPSS
Exploits0References3
NVD
NVDadded 2025/12/09 6:15 p.m.3 views

CVE-2025-34402

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldCc value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

6.1CVSS0.00324EPSS
Exploits0References3
OSV
OSVadded 2025/12/09 6:15 p.m.4 views

CVE-2025-34401

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldBcc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldBcc value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variab...

6.1CVSS5.9AI score0.00324EPSS
Exploits0References3
OSV
OSVadded 2025/12/09 6:15 p.m.2 views

CVE-2025-34402

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldCc value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

6.1CVSS5.9AI score0.00324EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/12/09 6:10 p.m.17 views

CVE-2025-34398 MailEnable < 10.54 Reflected XSS in AddressesBcc Parameter of AddressBook.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesBcc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesBcc value is not properly sanitized when processed via a GET request and is reflected within a block in the JavaScrip...

5.3CVSS0.00324EPSS
Exploits0References3
CVE
CVEadded 2025/12/09 6:10 p.m.6 views

CVE-2025-34398

MailEnable versions prior to 10.54 are affected by a reflected XSS in the AddressesBcc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesBcc value is not properly sanitized when processed via GET and is reflected inside a JavaScript script block (var sAddrBcc). An attacker can ter...

6.1CVSS5.5AI score0.00324EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2025/12/09 6:10 p.m.15 views

CVE-2025-34399 MailEnable < 10.54 Reflected XSS in AddressesCc Parameter of AddressBook.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesCc value is not properly sanitized when processed via a GET request and is reflected within a block in the JavaScript...

5.3CVSS0.00324EPSS
Exploits0References3
CVE
CVEadded 2025/12/09 6:10 p.m.12 views

CVE-2025-34399

MailEnable versions prior to 10.54 are affected by a reflected XSS in the AddressesCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesCc value is not properly sanitized for GET requests and is echoed inside a [removed] block in the JavaScript variable sAddrCc, enabling an attack...

6.1CVSS5.4AI score0.00324EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2025/12/09 6:9 p.m.8 views

CVE-2025-34400

Summary: CVE-2025-34400 affects MailEnable versions prior to 10.54, exposing a reflected XSS in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The vulnerability stems from inadequate sanitization when the parameter is processed via GET, with the value reflected inside a [rem...

6.1CVSS5.4AI score0.00324EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2025/12/09 6:9 p.m.18 views

CVE-2025-34400 MailEnable < 10.54 Reflected XSS in AddressesTo Parameter of AddressBook.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...

5.3CVSS0.00324EPSS
Exploits0References3
EUVD
EUVDadded 2025/12/09 6:9 p.m.3 views

EUVD-2025-202190

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldBcc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldBcc value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variab...

6.1CVSS5.3AI score0.00324EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/12/09 6:8 p.m.18 views

CVE-2025-34402 MailEnable < 10.54 Reflected XSS in FieldCc Parameter of AddressBook.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldCc value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

5.3CVSS0.00324EPSS
Exploits0References3
EUVD
EUVDadded 2025/12/09 6:8 p.m.3 views

EUVD-2025-202192

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldCc value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

6.1CVSS5.3AI score0.00324EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/12/09 6:8 p.m.2 views

CVE-2025-34402 MailEnable < 10.54 Reflected XSS in FieldCc Parameter of AddressBook.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldCc value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

5.3CVSS5.4AI score0.00324EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/12/09 6:8 p.m.17 views

CVE-2025-34403 MailEnable < 10.54 Reflected XSS in FieldTo Parameter of AddressBook.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldTo value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

5.3CVSS0.00324EPSS
Exploits0References3
EUVD
EUVDadded 2025/12/09 6:8 p.m.3 views

EUVD-2025-202193

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldTo value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

6.1CVSS5.3AI score0.00324EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/12/09 6:8 p.m.2 views

CVE-2025-34403 MailEnable < 10.54 Reflected XSS in FieldTo Parameter of AddressBook.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldTo value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

5.3CVSS5.4AI score0.00324EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.15 views

PT-2025-50139

Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS issue in the AddressesTo parameter of the ''/Mondo/lang/sys/Forms/AddressBook.aspx'' endpoint. The AddressesTo value...

6.1CVSS5.8AI score0.00324EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.3 views

PT-2025-50138

Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS issue in the AddressesCc parameter of the ''/Mondo/lang/sys/Forms/AddressBook.aspx'' endpoint. The AddressesCc value...

6.1CVSS5.7AI score0.00324EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.3 views

PT-2025-50141

Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS issue in the FieldCc parameter of the ''/Mondo/lang/sys/Forms/AddressBook.aspx'' endpoint. The FieldCc value is not...

6.1CVSS6AI score0.00324EPSS
Exploits0References5
Rows per page
Query Builder