CVE-2026-23615

CVE-2026-23615 concerns GFI MailEssentials AI prior to version 22.4, where a stored cross-site scripting vulnerability exists in the Sender Policy Framework Email Exceptions interface. An authenticated user can inject HTML/JavaScript via the parameter ctl00$ContentPlaceHolder1$pv4$txtEmailDescrip...

GFI MailEssentials AI 安全漏洞

GFI MailEssentials AI is an open-source anti-spam and data breach protection software developed by GFI in the United States. Versions of GFI MailEssentials AI prior to version 22.4 contained a security vulnerability. This vulnerability stemmed from a storage cross-site scripting vulnerability in...