Lucene search
+L

4 matches found

osv
osv
added 2026/02/19 6:24 p.m.3 views

CVE-2026-23617

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS5.8AI score0.00173EPSS
Exploits0References2
cvelist
cvelist
added 2026/02/19 5:59 p.m.24 views

CVE-2026-23617 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS0.00173EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/19 5:59 p.m.4 views

CVE-2026-23617 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS5.4AI score0.00173EPSS
Exploits0References2
cve
cve
added 2026/02/19 5:59 p.m.21 views

CVE-2026-23617

GFI MailEssentials AI prior to 22.4 is affected by a stored XSS in the Spam Keyword Checking (Body) interface. An authenticated user can supply HTML/JavaScript to ctl00$ContentPlaceHolder1$pvGeneral$TXB_Condition in /MailEssentials/pages/MailSecurity/ASKeywordChecking.aspx; the payload is stored ...

5.4CVSS5.4AI score0.00173EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder