Lucene search
K

4 matches found

EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2025-202188

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...

6.1CVSS5.3AI score0.00324EPSS
Exploits0References4
OSV
OSV
added 2025/12/09 6:15 p.m.5 views

CVE-2025-34400

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...

6.1CVSS5.9AI score0.00324EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/09 6:9 p.m.2 views

CVE-2025-34400 MailEnable < 10.54 Reflected XSS in AddressesTo Parameter of AddressBook.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...

5.3CVSS5.4AI score0.00324EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/06/28 12:0 a.m.4 views

PT-2024-28059 · Unknown · Zksync Era

Name of the Vulnerable Software and Affected Versions: ZKsync Era versions prior to 1.5.0 Description: ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. The issue arises from possible invalid stack access due to the addresses used to access the stack not properly...

6.5CVSS7.2AI score0.00263EPSS
Exploits0References3
Rows per page
Query Builder