CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2026/02/20 7:40 p.m.•3 views

CVE-2026-23610

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the POP2Exchange configuration endpoint. An authenticated user can supply HTML/JavaScript in the POP3 server login field within the JSON "popServers" payload to...

5.4CVSS5.4AI score0.00045EPSS

Exploits0References1

OSV•added 2026/02/19 6:24 p.m.•1 views

CVE-2026-23610

5.4CVSS5.8AI score

Exploits0References2

NVD•added 2026/02/19 6:24 p.m.•5 views

CVE-2026-23610

5.4CVSS0.00045EPSS

Exploits0References2

Vulnrichment•added 2026/02/19 5:56 p.m.•2 views

CVE-2026-23610 GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS

5.4CVSS5.4AI score0.00045EPSS

Exploits0References2

CVE•added 2026/02/19 5:56 p.m.•4 views

CVE-2026-23610

GFI MailEssentials AI (versions prior to 22.4) contains a stored XSS in the POP2Exchange config endpoint. An authenticated user can inject HTML/JavaScript into the POP3 login field within the JSON "popServers" payload to /MailEssentials/pages/MailSecurity/POP2Exchange.aspx/Save; the input is stor...

5.4CVSS5.4AI score0.00045EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/02/19 5:56 p.m.•26 views

CVE-2026-23610 GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS

5.4CVSS0.00045EPSS

Exploits0References2

Positive Technologies•added 2026/02/19 12:0 a.m.•3 views

PT-2026-20890

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions before 22.4 have a stored cross-site scripting issue in the POP2Exchange configuration. A logged-in user can inject HTML or JavaScript into the POP3 server...

5.4CVSS5.4AI score0.00045EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by