Endian Firewall ADDRESS BCC Parameter Cross-Site Scripting Vulnerability

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall ADDRESS BCC parameter, which originates from improper handling of the ADDRESS BCC parameter in /cgi-bin/smtprouting.cgi, and can be exploited by an attacker to...

CVE-2026-34817

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the ADDRESS BCC parameter to /cgi-bin/smtprouting.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

PT-2026-29777

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the ADDRESS BCC parameter to /cgi-bin/smtprouting.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall ADDRESS BCC parameter, which originates from improper handling of the ADDRESS BCC parameter in /cgi-bin/smtprouting.cgi, and can be exploited by an attacker to...

MailEnable AddressesBcc Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...

CVE-2022-29976

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0...

CVE-2022-29976

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0...

CVE-2022-29976

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0...

Cross site scripting

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0...

CVE-2022-29976

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0...

Alt-N MDaemon 跨站脚本漏洞

Alt-N MDaemon is a mail service system from Alt-N USA that provides complete mail server functionality, protects users from spam, enables web login to send and receive mail, supports remote management, and when used in conjunction with the MDaemon AntiVirus plugin, it also protects the system...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in TransWARE Active! mail 2003 build 2003.0139.0871 and earlier, and possibly other versions before 2003.0139.0939, allow remote attackers to inject arbitrary web script or HTML via the 1 From, 2 To, 3 Cc, and 4 Bcc parameters...