CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2012/01/24 6:55 p.m.•24 views

CVE-2012-0389

Cross-site scripting XSS vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter...

4.3CVSS5.6AI score0.0842EPSS

Exploits5References10

CVE•added 2012/01/24 6:0 p.m.•79 views

CVE-2012-0389

CVE-2012-0389 is an XSS vulnerability in MailEnable’s ForgottenPassword.aspx, affecting Professional/Enterprise/Premium editions up to specific versions (4.26 and earlier; 5.x before 5.53; 6.x before 6.03). The issue arises from insufficient sanitization of the Username input, allowing remote att...

4.3CVSS5.6AI score0.0842EPSS

Exploits5References10Affected Software1

securityvulns•added 2012/01/16 12:0 a.m.•122 views

ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389

ME020567: MailEnable webmail cross-site scripting vulnerability CWE-79 References: CVE-2012-0389 Discovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah Vendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567 Vendor contact: 2012-01-04 09:49:36 UTC Vendor...

4.3CVSS6.2AI score0.0842EPSS

Exploits5