7 matches found
MailEnable AddressesTo Parameter Cross-Site Scripting Vulnerability
MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...
CVE-2025-34400
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a...
CVE-2025-34400
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...
CVE-2025-34400 MailEnable < 10.54 Reflected XSS in AddressesTo Parameter of AddressBook.aspx
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...
CVE-2025-34400
Summary: CVE-2025-34400 affects MailEnable versions prior to 10.54, exposing a reflected XSS in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The vulnerability stems from inadequate sanitization when the parameter is processed via GET, with the value reflected inside a [rem...
MailEnable 跨站脚本漏洞
MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...
PT-2025-50139
Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS issue in the AddressesTo parameter of the ''/Mondo/lang/sys/Forms/AddressBook.aspx'' endpoint. The AddressesTo value...