3 matches found
CVE-2025-34406
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Id parameter of /Mobile/ContactDetails.aspx. The Id value is not properly sanitized when processed via a GET request and is reflected within a block in the response. By supplying a crafted payload...
CVE-2025-34406 MailEnable < 10.54 Reflected XSS in Id Parameter of Mobile/ContactDetails.aspx
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Id parameter of /Mobile/ContactDetails.aspx. The Id value is not properly sanitized when processed via a GET request and is reflected within a block in the response. By supplying a crafted payload...
PT-2025-50144
Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description The software contains a reflected cross-site scripting XSS issue in the Id parameter of the /Mobile/ContactDetails.aspx endpoint. The Id value is not properly sanitized when processed via a GET...