EUVD-2026-14521

MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...

EUVD-2026-14520

MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the Attendees parameter in...

CVE-2026-32852

MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...

MailEnable ForgottenPassword.aspx Username Parameter XSS

The webmail client bundled with MailEnable is affected by a cross-site scripting vulnerability in the ForgottenPassword.aspx script. The 'Username' parameter fails to properly sanitize user- supplied input. Successful exploitation would allow an attacker to steal cookies used for webmail access...

ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389

ME020567: MailEnable webmail cross-site scripting vulnerability CWE-79 References: CVE-2012-0389 Discovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah Vendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567 Vendor contact: 2012-01-04 09:49:36 UTC Vendor...

Immunity Canvas: MEWEBMAIL

Name| MEWebMail ---|--- CVE| CVE-2005-1348 Exploit Pack| CANVAS Description| MailEnable WebMail Authorization Buffer Overflow Notes| References: Found by CorryL of www.x0n3-h4ck.org CVE Name: CVE-2005-1348 VENDOR: MailEnable Repeatability: This is a repeatable exploit given that the node is...