6 matches found
CVE-2026-23612
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the IP DNS Blocklist configuration page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXBIPs parameter to...
CVE-2026-23612
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the IP DNS Blocklist configuration page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXBIPs parameter to...
CVE-2026-23612 GFI MailEssentials AI < 22.4 Anti-Spam IP DNS Blocklist Domain Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the IP DNS Blocklist configuration page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXBIPs parameter to...
CVE-2026-23612 GFI MailEssentials AI < 22.4 Anti-Spam IP DNS Blocklist Domain Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the IP DNS Blocklist configuration page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXBIPs parameter to...
CVE-2026-23612
CVE-2026-23612 affects GFI MailEssentials AI versions prior to 22.4. The vulnerability is a stored cross-site scripting flaw in the IP DNS Blocklist configuration page. An authenticated user can submit HTML/JavaScript via ctl00$ContentPlaceHolder1$pv1$TXB_IPs to /MailEssentials/pages/MailSecurity...
PT-2026-20892
Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting issue in the IP DNS Blocklist configuration page. An authenticated user can inject HTML/JavaScript into...