4 matches found
EUVD-2025-202188
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...
CVE-2025-34400
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...
CVE-2025-34400 MailEnable < 10.54 Reflected XSS in AddressesTo Parameter of AddressBook.aspx
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesTo value is not properly sanitized when processed via a GET request and is reflected within a block in the response. B...
PT-2024-28059 · Unknown · Zksync Era
Name of the Vulnerable Software and Affected Versions: ZKsync Era versions prior to 1.5.0 Description: ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. The issue arises from possible invalid stack access due to the addresses used to access the stack not properly...