Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/12/10 6:13 p.m.5 views

CVE-2025-34409

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...

6.1CVSS5.8AI score0.00418EPSS
Exploits0References1
osv
osv
added 2025/12/09 6:15 p.m.4 views

CVE-2025-34409

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...

6.1CVSS6AI score0.00418EPSS
Exploits0References3
nvd
nvd
added 2025/12/09 6:15 p.m.5 views

CVE-2025-34409

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...

6.1CVSS0.00418EPSS
Exploits0References3
cve
cve
added 2025/12/09 6:9 p.m.16 views

CVE-2025-34409

CVE-2025-34409 affects MailEnable versions prior to 10.54 and is a reflected XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized for GET requests and is reflected in the response, allowing an attacker to close...

6.1CVSS5.4AI score0.00418EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2025/12/09 6:9 p.m.31 views

CVE-2025-34409 MailEnable < 10.54 Reflected XSS in Failed Parameter of MAI/AddRecipientsResult.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...

5.3CVSS0.00418EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/12/09 12:0 a.m.5 views

MailEnable 跨站脚本漏洞

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...

6.1CVSS5.7AI score0.00418EPSS
Exploits0References3
Rows per page
Query Builder