312 matches found
CVE-2026-23611
GFI MailEssentials AI (versions prior to 22.4) contains a stored cross-site scripting vulnerability in the IP Blocklist management page. An authenticated user can submit HTML/JavaScript via ctl00$ContentPlaceHolder1$pv1$txtIPDescription on /MailEssentials/pages/MailSecurity/ipblocklist.aspx, whic...
CVE-2026-23610 GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the POP2Exchange configuration endpoint. An authenticated user can supply HTML/JavaScript in the POP3 server login field within the JSON "popServers" payload to...
CVE-2026-23608 GFI MailEssentials AI < 22.4 Email Management Mail Monitoring Rule Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Mail Monitoring rule creation endpoint. An authenticated user can supply HTML/JavaScript in the JSON "name" field to /MailEssentials/pages/MailSecurity/MailMonitoring.aspx/Save, which is stored...
CVE-2026-23607 GFI MailEssentials AI < 22.4 Anti-Spam Whitelist Description Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Anti-Spam Whitelist management interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$txtDescription parameter to...
CVE-2026-23604
GFI MailEssentials AI versions prior to 22.4 are affected by a stored cross-site scripting (XSS) vulnerability in the Keyword Filtering rule creation workflow. An authenticated user can inject HTML/JavaScript into the ctl00$ContentPlaceHolder1$pv1$TXB_RuleName parameter of the /MailEssentials/pag...
CVE-2026-23604 GFI MailEssentials AI < 22.4 Keyword Filtering Rule Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Keyword Filtering rule creation workflow. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXBRuleName parameter to...
GFI MailEssentials AI 安全漏洞
GFI MailEssentials AI is an open-source anti-spam and data breach protection software developed by GFI in the United States. Versions of GFI MailEssentials AI prior to version 22.4 contained a security vulnerability. This vulnerability stemmed from the ListServer.IsPathExist web method, which had...
GFI MailEssentials AI 安全漏洞
GFI MailEssentials AI is an open-source anti-spam and data breach protection software developed by GFI in the United States. Versions of GFI MailEssentials AI prior to version 22.4 contained a security vulnerability. This vulnerability stemmed from a storage-based cross-site scripting issue in th...
GFI MailEssentials AI 安全漏洞
GFI MailEssentials AI is a U.S. GFI open source anti-spam and data leakage protection software. A cross-site scripting vulnerability exists in the GFI MailEssentials AI Anti-Spoofing configuration page, which can be exploited by an attacker to execute scripts in the context of a logged-in user...
PT-2026-20894
Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description The software contains a stored cross-site scripting issue in the Sender Policy Framework IP Exceptions interface. A logged-in user can inject HTML or JavaScript code into the...
GFI MailEssentials AI 安全漏洞
GFI MailEssentials AI is a U.S. GFI open source anti-spam and data leakage protection software. A cross-site scripting vulnerability exists in the GFI MailEssentials AI IP Blocklist administration page, which can be exploited by an attacker to execute script in the context of a logged-in user...
PT-2026-20891
Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description The software contains a stored cross-site scripting issue in the IP Blocklist management page. A logged-in user can inject HTML or JavaScript code into the...
PT-2026-20896
Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting issue in the Anti-Spoofing configuration page. An authenticated user can inject HTML or JavaScript into...
GFI MailEssentials AI 安全漏洞
GFI MailEssentials AI is an open-source anti-spam and data breach protection software developed by GFI in the United States. Versions of GFI MailEssentials AI prior to version 22.4 contained a security vulnerability. This vulnerability stemmed from a storage-type cross-site scripting issue in the...
PT-2026-20898
Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting issue. An authenticated user can inject HTML or JavaScript code into the...
PT-2026-20889
Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI contains a stored cross-site scripting issue in the Perimeter SMTP Servers configuration page. A logged-in user can inject HTML or JavaScript code into the...
PT-2026-20895
Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting issue in the Sender Policy Framework Email Exceptions interface. An authenticated user can inject HTML ...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component.
Summary Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component. Vulnerability Details CVEID:CVE-2022-42004 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial o...
EUVD-2008-0227
Malware in sbrugna...
EUVD-2010-4005
Malware in sbrugna...