Lucene search
+L

13 matches found

redhatcve
redhatcve
added 2026/02/20 7:40 p.m.7 views

CVE-2026-23618

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Subject conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvSubject$TXBSubjectCondition parameter to...

5.4CVSS5.4AI score0.00173EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/02/20 7:40 p.m.6 views

CVE-2026-23617

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS5.4AI score0.00173EPSS
Exploits0References1
osv
osv
added 2026/02/19 6:24 p.m.3 views

CVE-2026-23617

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS5.8AI score0.00173EPSS
Exploits0References2
nvd
nvd
added 2026/02/19 6:24 p.m.7 views

CVE-2026-23617

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS0.00173EPSS
Exploits0References2
cvelist
cvelist
added 2026/02/19 5:59 p.m.25 views

CVE-2026-23618 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Subject Condition Stored XSS

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Subject conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvSubject$TXBSubjectCondition parameter to...

5.4CVSS0.00173EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/19 5:59 p.m.4 views

CVE-2026-23618 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Subject Condition Stored XSS

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Subject conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvSubject$TXBSubjectCondition parameter to...

5.4CVSS5.4AI score0.00173EPSS
Exploits0References2
cve
cve
added 2026/02/19 5:59 p.m.19 views

CVE-2026-23618

GFI MailEssentials AI versions before 22.4 are affected by a stored XSS in the Spam Keyword Checking (Subject) UI. An authenticated user can inject HTML/JS into the ctl00$ContentPlaceHolder1$pvSubject$TXB_SubjectCondition parameter of /MailEssentials/pages/MailSecurity/ASKeywordChecking.aspx; the...

5.4CVSS5.4AI score0.00173EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/02/19 5:59 p.m.24 views

CVE-2026-23617 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS0.00173EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/19 5:59 p.m.4 views

CVE-2026-23617 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS5.4AI score0.00173EPSS
Exploits0References2
cve
cve
added 2026/02/19 5:59 p.m.21 views

CVE-2026-23617

GFI MailEssentials AI prior to 22.4 is affected by a stored XSS in the Spam Keyword Checking (Body) interface. An authenticated user can supply HTML/JavaScript to ctl00$ContentPlaceHolder1$pvGeneral$TXB_Condition in /MailEssentials/pages/MailSecurity/ASKeywordChecking.aspx; the payload is stored ...

5.4CVSS5.4AI score0.00173EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2026/02/19 12:0 a.m.8 views

GFI MailEssentials AI 安全漏洞

GFI MailEssentials AI is an open-source anti-spam and data breach protection software developed by GFI in the United States. Versions of GFI MailEssentials AI prior to version 22.4 contained a security vulnerability. This vulnerability stemmed from a storage-oriented cross-site scripting...

5.4CVSS5.6AI score0.00173EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/02/19 12:0 a.m.9 views

PT-2026-20897

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions before 22.4 are affected by a stored cross-site scripting issue. An authenticated user can inject HTML or JavaScript code into the...

5.4CVSS5.1AI score0.00173EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/02/19 12:0 a.m.13 views

PT-2026-20898

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting issue. An authenticated user can inject HTML or JavaScript code into the...

5.4CVSS5.1AI score0.00173EPSS
Exploits0References6
Rows per page
Query Builder