8 matches found
MailEnable Added Parameter Cross-Site Scripting Vulnerability
MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...
CVE-2025-34408
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Added parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Added value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...
EUVD-2025-202185
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Added parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Added value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...
CVE-2025-34409
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...
CVE-2025-34408 MailEnable < 10.54 Reflected XSS in Added Parameter of MAI/AddRecipientsResult.aspx
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Added parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Added value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...
PT-2025-50146
Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description The software contains a reflected cross-site scripting XSS issue in the Added parameter of the ''/Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx'' endpoint. The Added value is not properly...
MailEnable 跨站脚本漏洞
MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...
PT-2025-50147
Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description The software contains a reflected cross-site scripting XSS issue in the Failed parameter of the ''/Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx'' endpoint. The Failed value is not properly...