ID SECURITYVULNS:DOC:27554Type securityvulnsReporter SecurityvulnsModified 2012-01-16T00:00:00
Description
ME020567: MailEnable webmail cross-site scripting vulnerability (CWE-79)
References: CVE-2012-0389
Discovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah
Vendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567
Vendor contact: 2012-01-04 09:49:36 UTC
Vendor response: 2012-01-04 10:27:13 UTC (Peter Fregon from MailEnable)
Vendor fix and announcement: 2012-01-10 00:50:31 UTC
Vulnerability description:
MailEnable <http://www.mailenable.com/> Professional and Enterprise versions are prone to cross-site scripting vulnerabilities as the user-supplied input received via "Username" parameter of "ForgottonPassword.aspx" page is not properly sanitized. A specially crafted URL which a user clicks could gain access to the users cookies for webmail or execute other malicious code in users browser in context of the domain in use.
Remote: yes
Authentication required: no
User interaction required: yes
Affected:
MailEnable Professional, Enterprise & Premium 4.26 and earlier
MailEnable Professional, Enterprise & Premium 5.52 and earlier
MailEnable Professional, Enterprise & Premium 6.02 and earlier
Not affected:
MailEnable Standard is not affected.
PoC:
http://example.com/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username='};alert(/XSS/);{'
Resolution:
Users of MailEnable 5 and 6 can resolve the issue by upgrading to version 5.53 or 6.03 or later. Alternatively, and for version 4 users, the following fix can be applied:
1) Open the ForgottenPassword.aspx file in Notepad. This file is in the Mail Enable\bin\NETWebMail\Mondo\lang\[language] folders in version 4 and in Mail Enable\bin\NETWebMail\Mondo\lang\sys in version 5 and 6.
2) Locate and remove the following line, then save the file: document.getElementById("txtUsername").value = '<%= Request.Item("Username") %>';
{"id": "SECURITYVULNS:DOC:27554", "bulletinFamily": "software", "title": "ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389", "description": "ME020567: MailEnable webmail cross-site scripting vulnerability (CWE-79)\r\nReferences: CVE-2012-0389\r\nDiscovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah\r\nVendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\r\nVendor contact: 2012-01-04 09:49:36 UTC\r\nVendor response: 2012-01-04 10:27:13 UTC (Peter Fregon from MailEnable)\r\nVendor fix and announcement: 2012-01-10 00:50:31 UTC\r\n\r\nVulnerability description:\r\n\r\nMailEnable <http://www.mailenable.com/> Professional and Enterprise versions are prone to cross-site scripting vulnerabilities as the user-supplied input received via "Username" parameter of "ForgottonPassword.aspx" page is not properly sanitized. A specially crafted URL which a user clicks could gain access to the users cookies for webmail or execute other malicious code in users browser in context of the domain in use.\r\n\r\nRemote: yes\r\nAuthentication required: no\r\nUser interaction required: yes\r\n\r\nAffected:\r\n\r\n- MailEnable Professional, Enterprise & Premium 4.26 and earlier\r\n- MailEnable Professional, Enterprise & Premium 5.52 and earlier\r\n- MailEnable Professional, Enterprise & Premium 6.02 and earlier\r\n\r\nNot affected:\r\n\r\n- MailEnable Standard is not affected.\r\n\r\nPoC:\r\n\r\nhttp://example.com/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username='};alert(/XSS/);{'\r\n\r\nResolution:\r\n\r\nUsers of MailEnable 5 and 6 can resolve the issue by upgrading to version 5.53 or 6.03 or later. Alternatively, and for version 4 users, the following fix can be applied:\r\n\r\n1) Open the ForgottenPassword.aspx file in Notepad. This file is in the Mail Enable\bin\NETWebMail\Mondo\lang\[language] folders in version 4 and in Mail Enable\bin\NETWebMail\Mondo\lang\sys in version 5 and 6.\r\n2) Locate and remove the following line, then save the file: document.getElementById("txtUsername").value = '<%= Request.Item("Username") %>';\r\n\r\n- Henri Salo\r\n", "published": "2012-01-16T00:00:00", "modified": "2012-01-16T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27554", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2012-0389"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:43", "edition": 1, "viewCount": 24, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2018-08-31T11:10:43", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0389"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "exploitdb", "idList": ["EDB-ID:36547", "EDB-ID:18447"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103388"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12142"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108640"]}, {"type": "seebug", "idList": ["SSV:72551"]}, {"type": "nessus", "idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"]}], "modified": "2018-08-31T11:10:43", "rev": 2}, "vulnersScore": 6.7}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}
{"cve": [{"id": "CVE-2012-0389", "bulletinFamily": "NVD", "title": "CVE-2012-0389", "description": "Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter.", "published": "2012-01-24T18:55:00", "modified": "2017-08-29T01:30:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0389", "reporter": "cve@mitre.org", "references": ["http://secunia.com/advisories/47562", "http://www.securitytracker.com/id?1026519", "http://secunia.com/advisories/47518", "http://www.nerv.fi/CVE-2012-0389.txt", "http://www.exploit-db.com/exploits/18447", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://osvdb.org/78242", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72380", "http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"], "cvelist": ["CVE-2012-0389"], "type": "cve", "lastseen": "2021-04-22T23:28:15", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.72"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.7"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.71"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.78"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.73"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.79"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.75"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.00"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.18"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2a"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.76"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.74"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.77"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.70"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.54"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.19"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:mailenable:mailenable:1.22", "cpe:/a:mailenable:mailenable:4.21", "cpe:/a:mailenable:mailenable:1.71", "cpe:/a:mailenable:mailenable:3.02", "cpe:/a:mailenable:mailenable:4.0", "cpe:/a:mailenable:mailenable:5.07", "cpe:/a:mailenable:mailenable:5.11", "cpe:/a:mailenable:mailenable:3.03", "cpe:/a:mailenable:mailenable:4.16", "cpe:/a:mailenable:mailenable:4.24", "cpe:/a:mailenable:mailenable:1.6", "cpe:/a:mailenable:mailenable:3.10", "cpe:/a:mailenable:mailenable:4.2", "cpe:/a:mailenable:mailenable:5.52", "cpe:/a:mailenable:mailenable:3.52", "cpe:/a:mailenable:mailenable:5.0", "cpe:/a:mailenable:mailenable:1.18", "cpe:/a:mailenable:mailenable:5.5", "cpe:/a:mailenable:mailenable:1.02", "cpe:/a:mailenable:mailenable:1.73", "cpe:/a:mailenable:mailenable:1.17", "cpe:/a:mailenable:mailenable:3.11", "cpe:/a:mailenable:mailenable:3.53", "cpe:/a:mailenable:mailenable:5.03", "cpe:/a:mailenable:mailenable:1.79", "cpe:/a:mailenable:mailenable:3.5", "cpe:/a:mailenable:mailenable:5.02", "cpe:/a:mailenable:mailenable:4.15", "cpe:/a:mailenable:mailenable:4.17", "cpe:/a:mailenable:mailenable:5.51", "cpe:/a:mailenable:mailenable:3.62", "cpe:/a:mailenable:mailenable:4.14", "cpe:/a:mailenable:mailenable:4.1", "cpe:/a:mailenable:mailenable:1.03", "cpe:/a:mailenable:mailenable:3.6", "cpe:/a:mailenable:mailenable:4.23", "cpe:/a:mailenable:mailenable:1.52", "cpe:/a:mailenable:mailenable:1.01", "cpe:/a:mailenable:mailenable:1.26", "cpe:/a:mailenable:mailenable:1.76", "cpe:/a:mailenable:mailenable:1.7", "cpe:/a:mailenable:mailenable:1.19", "cpe:/a:mailenable:mailenable:1.24", "cpe:/a:mailenable:mailenable:4.22", "cpe:/a:mailenable:mailenable:4.25", "cpe:/a:mailenable:mailenable:1.21", "cpe:/a:mailenable:mailenable:1.2", "cpe:/a:mailenable:mailenable:1.25", "cpe:/a:mailenable:mailenable:3.63", "cpe:/a:mailenable:mailenable:6.02", "cpe:/a:mailenable:mailenable:5.04", "cpe:/a:mailenable:mailenable:1.53", "cpe:/a:mailenable:mailenable:3.14", "cpe:/a:mailenable:mailenable:1.5", "cpe:/a:mailenable:mailenable:6.01", "cpe:/a:mailenable:mailenable:5.05", "cpe:/a:mailenable:mailenable:1.54", "cpe:/a:mailenable:mailenable:1.72", "cpe:/a:mailenable:mailenable:3.61", "cpe:/a:mailenable:mailenable:3.04", "cpe:/a:mailenable:mailenable:1.74", "cpe:/a:mailenable:mailenable:3.12", "cpe:/a:mailenable:mailenable:3.13", "cpe:/a:mailenable:mailenable:5.06", "cpe:/a:mailenable:mailenable:3.51", "cpe:/a:mailenable:mailenable:4.01", "cpe:/a:mailenable:mailenable:3.01", "cpe:/a:mailenable:mailenable:1.78", "cpe:/a:mailenable:mailenable:1.23", "cpe:/a:mailenable:mailenable:4.13", "cpe:/a:mailenable:mailenable:4.12", "cpe:/a:mailenable:mailenable:4.11", "cpe:/a:mailenable:mailenable:4.26", "cpe:/a:mailenable:mailenable:1.2a", "cpe:/a:mailenable:mailenable:6.0", "cpe:/a:mailenable:mailenable:3.0", "cpe:/a:mailenable:mailenable:1.51", "cpe:/a:mailenable:mailenable:1.70", "cpe:/a:mailenable:mailenable:1.00", "cpe:/a:mailenable:mailenable:5.01", "cpe:/a:mailenable:mailenable:1.75", "cpe:/a:mailenable:mailenable:1.77", "cpe:/a:mailenable:mailenable:5.10", "cpe:/a:mailenable:mailenable:1.04", "cpe:/a:mailenable:mailenable:1.1"], "cpe23": ["cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2012-0389"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-79"], "description": "Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter.", "edition": 8, "enchantments": {"dependencies": {"modified": "2021-02-02T05:59:44", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2021-02-02T05:59:44", "rev": 2, "value": 4.5, "vector": "NONE"}}, "extraReferences": [{"name": "78242", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/78242"}, {"name": "47518", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47518"}, {"name": "18447", "refsource": "EXPLOIT-DB", "tags": [], "url": "http://www.exploit-db.com/exploits/18447"}, {"name": "20120112 ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389", "refsource": "BUGTRAQ", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"}, {"name": "mailenable-forgottenpassword-xss(72380)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72380"}, {"name": "1026519", "refsource": "SECTRACK", "tags": ["Exploit"], "url": "http://www.securitytracker.com/id?1026519"}, {"name": "47562", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47562"}, {"name": "51401", "refsource": "BID", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/51401"}, {"name": "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"}, {"name": "http://www.nerv.fi/CVE-2012-0389.txt", "refsource": "MISC", "tags": ["Exploit"], "url": "http://www.nerv.fi/CVE-2012-0389.txt"}], "hash": "3ac3abc9a8ed4a61c44d71c96154a0fbcab4c16ae5fbbe716bb2c9c7c67b45a8", "hashmap": [{"hash": "25131d66a9f3961140b068f4b41aa42b", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "ff09d8afa2a97f24b4269dee7d2cddf4", "key": "affectedSoftware"}, {"hash": "673ae3dcaa9be99662a7ec085c4d8779", "key": "references"}, {"hash": "a412936d944bcccb954aee6cf0cce4c0", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "be4180f472b42f94184a546d07ae03e1", "key": "href"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "8c1138d66a45bffb7eb0561f591661de", "key": "extraReferences"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "99fa2cfef23750b1ff3c7e0ebdf65f2a", "key": "cpeConfiguration"}, {"hash": "173f292874ee9633e1339782bfa220f5", "key": "cpe23"}, {"hash": "902ea2d80de3657108b23079755b0a5f", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "153a13889665a444a342ef7d1859e6d5", "key": "title"}, {"hash": "53392a7644fd76be7c6869cc55d6be75", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0389", "id": "CVE-2012-0389", "immutableFields": [], "lastseen": "2021-02-02T05:59:44", "modified": "2017-08-29T01:30:00", "objectVersion": "1.5", "published": "2012-01-24T18:55:00", "references": ["http://secunia.com/advisories/47562", "http://www.securitytracker.com/id?1026519", "http://secunia.com/advisories/47518", "http://www.nerv.fi/CVE-2012-0389.txt", "http://www.exploit-db.com/exploits/18447", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://osvdb.org/78242", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72380", "http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"], "reporter": "cve@mitre.org", "title": "CVE-2012-0389", "type": "cve", "viewCount": 9}, "different_elements": ["cpeConfiguration"], "edition": 8, "lastseen": "2021-02-02T05:59:44"}, {"bulletin": {"affectedSoftware": [{"name": "mailenable mailenable", "operator": "eq", "version": "4.25"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.07"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.51"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.77"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.05"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.26"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.7"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.02"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.75"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.78"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.79"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.02"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.70"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.00"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.52"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.0"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.24"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.51"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.11"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.01"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.16"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.54"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.0"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.04"}, {"name": "mailenable mailenable", "operator": "le", "version": "4.26"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.76"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.23"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.19"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.04"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.21"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.71"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.5"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.11"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.22"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.10"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.22"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.23"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.1"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.01"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.17"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.61"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.04"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.06"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.24"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.74"}, {"name": "mailenable mailenable", "operator": "eq", "version": "6.0"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.01"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.1"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.2"}, {"name": "mailenable mailenable", "operator": "eq", "version": "6.02"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.14"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.13"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.15"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.53"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.6"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.6"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.25"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.21"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.5"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.52"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.14"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.0"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.02"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.53"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.51"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.52"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.01"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.17"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.11"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.73"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.03"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.13"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.2a"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.12"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.10"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.5"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.03"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.62"}, {"name": "mailenable mailenable", "operator": "eq", "version": "3.63"}, {"name": "mailenable mailenable", "operator": "eq", "version": "4.12"}, {"name": "mailenable mailenable", "operator": "eq", "version": "5.03"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.2"}, {"name": "mailenable mailenable", "operator": "eq", "version": "6.01"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.72"}, {"name": "mailenable mailenable", "operator": "eq", "version": "1.18"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:mailenable:mailenable:1.22", "cpe:/a:mailenable:mailenable:4.21", "cpe:/a:mailenable:mailenable:1.71", "cpe:/a:mailenable:mailenable:3.02", "cpe:/a:mailenable:mailenable:4.0", "cpe:/a:mailenable:mailenable:5.07", "cpe:/a:mailenable:mailenable:5.11", "cpe:/a:mailenable:mailenable:3.03", "cpe:/a:mailenable:mailenable:4.16", "cpe:/a:mailenable:mailenable:4.24", "cpe:/a:mailenable:mailenable:1.6", "cpe:/a:mailenable:mailenable:3.10", "cpe:/a:mailenable:mailenable:4.2", "cpe:/a:mailenable:mailenable:5.52", "cpe:/a:mailenable:mailenable:3.52", "cpe:/a:mailenable:mailenable:5.0", "cpe:/a:mailenable:mailenable:1.18", "cpe:/a:mailenable:mailenable:5.5", "cpe:/a:mailenable:mailenable:1.02", "cpe:/a:mailenable:mailenable:1.73", "cpe:/a:mailenable:mailenable:1.17", "cpe:/a:mailenable:mailenable:3.11", "cpe:/a:mailenable:mailenable:3.53", "cpe:/a:mailenable:mailenable:5.03", "cpe:/a:mailenable:mailenable:1.79", "cpe:/a:mailenable:mailenable:3.5", "cpe:/a:mailenable:mailenable:5.02", "cpe:/a:mailenable:mailenable:4.15", "cpe:/a:mailenable:mailenable:4.17", "cpe:/a:mailenable:mailenable:5.51", "cpe:/a:mailenable:mailenable:3.62", "cpe:/a:mailenable:mailenable:4.14", "cpe:/a:mailenable:mailenable:4.1", "cpe:/a:mailenable:mailenable:1.03", "cpe:/a:mailenable:mailenable:3.6", "cpe:/a:mailenable:mailenable:4.23", "cpe:/a:mailenable:mailenable:1.52", "cpe:/a:mailenable:mailenable:1.01", "cpe:/a:mailenable:mailenable:1.26", "cpe:/a:mailenable:mailenable:1.76", "cpe:/a:mailenable:mailenable:1.7", "cpe:/a:mailenable:mailenable:1.19", "cpe:/a:mailenable:mailenable:1.24", "cpe:/a:mailenable:mailenable:4.22", "cpe:/a:mailenable:mailenable:4.25", "cpe:/a:mailenable:mailenable:1.21", "cpe:/a:mailenable:mailenable:1.2", "cpe:/a:mailenable:mailenable:1.25", "cpe:/a:mailenable:mailenable:3.63", "cpe:/a:mailenable:mailenable:6.02", "cpe:/a:mailenable:mailenable:5.04", "cpe:/a:mailenable:mailenable:1.53", "cpe:/a:mailenable:mailenable:3.14", "cpe:/a:mailenable:mailenable:1.5", "cpe:/a:mailenable:mailenable:6.01", "cpe:/a:mailenable:mailenable:5.05", "cpe:/a:mailenable:mailenable:1.54", "cpe:/a:mailenable:mailenable:1.72", "cpe:/a:mailenable:mailenable:3.61", "cpe:/a:mailenable:mailenable:3.04", "cpe:/a:mailenable:mailenable:1.74", "cpe:/a:mailenable:mailenable:3.12", "cpe:/a:mailenable:mailenable:3.13", "cpe:/a:mailenable:mailenable:5.06", "cpe:/a:mailenable:mailenable:3.51", "cpe:/a:mailenable:mailenable:4.01", "cpe:/a:mailenable:mailenable:3.01", "cpe:/a:mailenable:mailenable:1.78", "cpe:/a:mailenable:mailenable:1.23", "cpe:/a:mailenable:mailenable:4.13", "cpe:/a:mailenable:mailenable:4.12", "cpe:/a:mailenable:mailenable:4.11", "cpe:/a:mailenable:mailenable:1.2a", "cpe:/a:mailenable:mailenable:6.0", "cpe:/a:mailenable:mailenable:3.0", "cpe:/a:mailenable:mailenable:1.51", "cpe:/a:mailenable:mailenable:1.70", "cpe:/a:mailenable:mailenable:1.00", "cpe:/a:mailenable:mailenable:5.01", "cpe:/a:mailenable:mailenable:1.75", "cpe:/a:mailenable:mailenable:1.77", "cpe:/a:mailenable:mailenable:5.10", "cpe:/a:mailenable:mailenable:1.04", "cpe:/a:mailenable:mailenable:1.1"], "cpe23": ["cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*"], "cvelist": ["CVE-2012-0389"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-79"], "description": "Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter.", "edition": 3, "enchantments": {"dependencies": {"modified": "2019-12-12T12:56:47", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2019-12-12T12:56:47", "rev": 2, "value": 4.5, "vector": "NONE"}}, "hash": "20683206af4b0d6f9020c9059030ab1e44a095b938aab5a11a01e78b1adacc2f", "hashmap": [{"hash": "25131d66a9f3961140b068f4b41aa42b", "key": "cvss2"}, {"hash": "673ae3dcaa9be99662a7ec085c4d8779", "key": "references"}, {"hash": "a412936d944bcccb954aee6cf0cce4c0", "key": "description"}, {"hash": "be4180f472b42f94184a546d07ae03e1", "key": "href"}, {"hash": "d0faac07294888b8fc98a2cd8f19b7cb", "key": "affectedSoftware"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "f64b0daf5108450d2026755e251c53f6", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "31484805d904e01773d12f7bfa708c63", "key": "cpe23"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "153a13889665a444a342ef7d1859e6d5", "key": "title"}, {"hash": "53392a7644fd76be7c6869cc55d6be75", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0389", "id": "CVE-2012-0389", "lastseen": "2019-12-12T12:56:47", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2012-01-24T18:55:00", "references": ["http://secunia.com/advisories/47562", "http://www.securitytracker.com/id?1026519", "http://secunia.com/advisories/47518", "http://www.nerv.fi/CVE-2012-0389.txt", "http://www.exploit-db.com/exploits/18447", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://osvdb.org/78242", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72380", "http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"], "reporter": "cve@mitre.org", "title": "CVE-2012-0389", "type": "cve", "viewCount": 5}, "differentElements": ["cpe23", "cpe", "affectedSoftware"], "edition": 3, "lastseen": "2019-12-12T12:56:47"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.72"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.7"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.71"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.78"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.73"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.79"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.75"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.00"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.18"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2a"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.76"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "*"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "*"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "*"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.74"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.77"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.70"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.54"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.19"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:mailenable:mailenable:1.22", "cpe:/a:mailenable:mailenable:4.21", "cpe:/a:mailenable:mailenable:1.71", "cpe:/a:mailenable:mailenable:3.02", "cpe:/a:mailenable:mailenable:4.0", "cpe:/a:mailenable:mailenable:5.07", "cpe:/a:mailenable:mailenable:5.11", "cpe:/a:mailenable:mailenable:3.03", "cpe:/a:mailenable:mailenable:4.16", "cpe:/a:mailenable:mailenable:4.24", "cpe:/a:mailenable:mailenable:1.6", "cpe:/a:mailenable:mailenable:3.10", "cpe:/a:mailenable:mailenable:4.2", "cpe:/a:mailenable:mailenable:5.52", "cpe:/a:mailenable:mailenable:3.52", "cpe:/a:mailenable:mailenable:5.0", "cpe:/a:mailenable:mailenable:1.18", "cpe:/a:mailenable:mailenable:5.5", "cpe:/a:mailenable:mailenable:1.02", "cpe:/a:mailenable:mailenable:1.73", "cpe:/a:mailenable:mailenable:1.17", "cpe:/a:mailenable:mailenable:3.11", "cpe:/a:mailenable:mailenable:3.53", "cpe:/a:mailenable:mailenable:5.03", "cpe:/a:mailenable:mailenable:1.79", "cpe:/a:mailenable:mailenable:3.5", "cpe:/a:mailenable:mailenable:5.02", "cpe:/a:mailenable:mailenable:4.15", "cpe:/a:mailenable:mailenable:4.17", "cpe:/a:mailenable:mailenable:5.51", "cpe:/a:mailenable:mailenable:3.62", "cpe:/a:mailenable:mailenable:4.14", "cpe:/a:mailenable:mailenable:4.1", "cpe:/a:mailenable:mailenable:1.03", "cpe:/a:mailenable:mailenable:3.6", "cpe:/a:mailenable:mailenable:4.23", "cpe:/a:mailenable:mailenable:1.52", "cpe:/a:mailenable:mailenable:1.01", "cpe:/a:mailenable:mailenable:1.26", "cpe:/a:mailenable:mailenable:1.76", "cpe:/a:mailenable:mailenable:1.7", "cpe:/a:mailenable:mailenable:1.19", "cpe:/a:mailenable:mailenable:1.24", "cpe:/a:mailenable:mailenable:4.22", "cpe:/a:mailenable:mailenable:4.25", "cpe:/a:mailenable:mailenable:1.21", "cpe:/a:mailenable:mailenable:1.2", "cpe:/a:mailenable:mailenable:1.25", "cpe:/a:mailenable:mailenable:3.63", "cpe:/a:mailenable:mailenable:6.02", "cpe:/a:mailenable:mailenable:5.04", "cpe:/a:mailenable:mailenable:1.53", "cpe:/a:mailenable:mailenable:3.14", "cpe:/a:mailenable:mailenable:1.5", "cpe:/a:mailenable:mailenable:6.01", "cpe:/a:mailenable:mailenable:5.05", "cpe:/a:mailenable:mailenable:1.54", "cpe:/a:mailenable:mailenable:1.72", "cpe:/a:mailenable:mailenable:3.61", "cpe:/a:mailenable:mailenable:3.04", "cpe:/a:mailenable:mailenable:1.74", "cpe:/a:mailenable:mailenable:3.12", "cpe:/a:mailenable:mailenable:3.13", "cpe:/a:mailenable:mailenable:5.06", "cpe:/a:mailenable:mailenable:3.51", "cpe:/a:mailenable:mailenable:4.01", "cpe:/a:mailenable:mailenable:3.01", "cpe:/a:mailenable:mailenable:1.78", "cpe:/a:mailenable:mailenable:1.23", "cpe:/a:mailenable:mailenable:4.13", "cpe:/a:mailenable:mailenable:4.12", "cpe:/a:mailenable:mailenable:4.11", "cpe:/a:mailenable:mailenable:4.26", "cpe:/a:mailenable:mailenable:1.2a", "cpe:/a:mailenable:mailenable:6.0", "cpe:/a:mailenable:mailenable:3.0", "cpe:/a:mailenable:mailenable:1.51", "cpe:/a:mailenable:mailenable:1.70", "cpe:/a:mailenable:mailenable:1.00", "cpe:/a:mailenable:mailenable:5.01", "cpe:/a:mailenable:mailenable:1.75", "cpe:/a:mailenable:mailenable:1.77", "cpe:/a:mailenable:mailenable:5.10", "cpe:/a:mailenable:mailenable:1.04", "cpe:/a:mailenable:mailenable:1.1"], "cpe23": ["cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2012-0389"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-79"], "description": "Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter.", "edition": 6, "enchantments": {"dependencies": {"modified": "2020-11-29T23:12:54", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2020-11-29T23:12:54", "rev": 2, "value": 4.5, "vector": "NONE"}}, "hash": "8ec012e6b39a51455a5a6f8cc49aa3f72b535695e2e671e1017200df77753a9c", "hashmap": [{"hash": "25131d66a9f3961140b068f4b41aa42b", "key": "cvss2"}, {"hash": "673ae3dcaa9be99662a7ec085c4d8779", "key": "references"}, {"hash": "a412936d944bcccb954aee6cf0cce4c0", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "be4180f472b42f94184a546d07ae03e1", "key": "href"}, {"hash": "1d24d74086dd709d1bc2256de4dfba83", "key": "affectedSoftware"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "99fa2cfef23750b1ff3c7e0ebdf65f2a", "key": "cpeConfiguration"}, {"hash": "173f292874ee9633e1339782bfa220f5", "key": "cpe23"}, {"hash": "902ea2d80de3657108b23079755b0a5f", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "153a13889665a444a342ef7d1859e6d5", "key": "title"}, {"hash": "53392a7644fd76be7c6869cc55d6be75", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0389", "id": "CVE-2012-0389", "lastseen": "2020-11-29T23:12:54", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2012-01-24T18:55:00", "references": ["http://secunia.com/advisories/47562", "http://www.securitytracker.com/id?1026519", "http://secunia.com/advisories/47518", "http://www.nerv.fi/CVE-2012-0389.txt", "http://www.exploit-db.com/exploits/18447", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://osvdb.org/78242", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72380", "http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"], "reporter": "cve@mitre.org", "title": "CVE-2012-0389", "type": "cve", "viewCount": 8}, "differentElements": ["affectedSoftware"], "edition": 6, "lastseen": "2020-11-29T23:12:54"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.72"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.7"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.71"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.78"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.73"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.79"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.75"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.00"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.18"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2a"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.76"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.74"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.77"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.70"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.54"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.19"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:mailenable:mailenable:1.22", "cpe:/a:mailenable:mailenable:4.21", "cpe:/a:mailenable:mailenable:1.71", "cpe:/a:mailenable:mailenable:3.02", "cpe:/a:mailenable:mailenable:4.0", "cpe:/a:mailenable:mailenable:5.07", "cpe:/a:mailenable:mailenable:5.11", "cpe:/a:mailenable:mailenable:3.03", "cpe:/a:mailenable:mailenable:4.16", "cpe:/a:mailenable:mailenable:4.24", "cpe:/a:mailenable:mailenable:1.6", "cpe:/a:mailenable:mailenable:3.10", "cpe:/a:mailenable:mailenable:4.2", "cpe:/a:mailenable:mailenable:5.52", "cpe:/a:mailenable:mailenable:3.52", "cpe:/a:mailenable:mailenable:5.0", "cpe:/a:mailenable:mailenable:1.18", "cpe:/a:mailenable:mailenable:5.5", "cpe:/a:mailenable:mailenable:1.02", "cpe:/a:mailenable:mailenable:1.73", "cpe:/a:mailenable:mailenable:1.17", "cpe:/a:mailenable:mailenable:3.11", "cpe:/a:mailenable:mailenable:3.53", "cpe:/a:mailenable:mailenable:5.03", "cpe:/a:mailenable:mailenable:1.79", "cpe:/a:mailenable:mailenable:3.5", "cpe:/a:mailenable:mailenable:5.02", "cpe:/a:mailenable:mailenable:4.15", "cpe:/a:mailenable:mailenable:4.17", "cpe:/a:mailenable:mailenable:5.51", "cpe:/a:mailenable:mailenable:3.62", "cpe:/a:mailenable:mailenable:4.14", "cpe:/a:mailenable:mailenable:4.1", "cpe:/a:mailenable:mailenable:1.03", "cpe:/a:mailenable:mailenable:3.6", "cpe:/a:mailenable:mailenable:4.23", "cpe:/a:mailenable:mailenable:1.52", "cpe:/a:mailenable:mailenable:1.01", "cpe:/a:mailenable:mailenable:1.26", "cpe:/a:mailenable:mailenable:1.76", "cpe:/a:mailenable:mailenable:1.7", "cpe:/a:mailenable:mailenable:1.19", "cpe:/a:mailenable:mailenable:1.24", "cpe:/a:mailenable:mailenable:4.22", "cpe:/a:mailenable:mailenable:4.25", "cpe:/a:mailenable:mailenable:1.21", "cpe:/a:mailenable:mailenable:1.2", "cpe:/a:mailenable:mailenable:1.25", "cpe:/a:mailenable:mailenable:3.63", "cpe:/a:mailenable:mailenable:6.02", "cpe:/a:mailenable:mailenable:5.04", "cpe:/a:mailenable:mailenable:1.53", "cpe:/a:mailenable:mailenable:3.14", "cpe:/a:mailenable:mailenable:1.5", "cpe:/a:mailenable:mailenable:6.01", "cpe:/a:mailenable:mailenable:5.05", "cpe:/a:mailenable:mailenable:1.54", "cpe:/a:mailenable:mailenable:1.72", "cpe:/a:mailenable:mailenable:3.61", "cpe:/a:mailenable:mailenable:3.04", "cpe:/a:mailenable:mailenable:1.74", "cpe:/a:mailenable:mailenable:3.12", "cpe:/a:mailenable:mailenable:3.13", "cpe:/a:mailenable:mailenable:5.06", "cpe:/a:mailenable:mailenable:3.51", "cpe:/a:mailenable:mailenable:4.01", "cpe:/a:mailenable:mailenable:3.01", "cpe:/a:mailenable:mailenable:1.78", "cpe:/a:mailenable:mailenable:1.23", "cpe:/a:mailenable:mailenable:4.13", "cpe:/a:mailenable:mailenable:4.12", "cpe:/a:mailenable:mailenable:4.11", "cpe:/a:mailenable:mailenable:4.26", "cpe:/a:mailenable:mailenable:1.2a", "cpe:/a:mailenable:mailenable:6.0", "cpe:/a:mailenable:mailenable:3.0", "cpe:/a:mailenable:mailenable:1.51", "cpe:/a:mailenable:mailenable:1.70", "cpe:/a:mailenable:mailenable:1.00", "cpe:/a:mailenable:mailenable:5.01", "cpe:/a:mailenable:mailenable:1.75", "cpe:/a:mailenable:mailenable:1.77", "cpe:/a:mailenable:mailenable:5.10", "cpe:/a:mailenable:mailenable:1.04", "cpe:/a:mailenable:mailenable:1.1"], "cpe23": ["cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2012-0389"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-79"], "description": "Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-10-03T12:05:59", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "exploitation": {"modified": "2020-10-03T12:05:59", "wildExploited": false, "wildExploitedSources": []}, "score": {"modified": "2020-10-03T12:05:59", "rev": 2, "value": 4.5, "vector": "NONE"}}, "hash": "22f40ee76daf9c36d5beb3600e48e6e26b8d860484e638f3b6a780f351fbcf7e", "hashmap": [{"hash": "25131d66a9f3961140b068f4b41aa42b", "key": "cvss2"}, {"hash": "ff09d8afa2a97f24b4269dee7d2cddf4", "key": "affectedSoftware"}, {"hash": "673ae3dcaa9be99662a7ec085c4d8779", "key": "references"}, {"hash": "a412936d944bcccb954aee6cf0cce4c0", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "be4180f472b42f94184a546d07ae03e1", "key": "href"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "99fa2cfef23750b1ff3c7e0ebdf65f2a", "key": "cpeConfiguration"}, {"hash": "173f292874ee9633e1339782bfa220f5", "key": "cpe23"}, {"hash": "902ea2d80de3657108b23079755b0a5f", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "153a13889665a444a342ef7d1859e6d5", "key": "title"}, {"hash": "53392a7644fd76be7c6869cc55d6be75", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0389", "id": "CVE-2012-0389", "lastseen": "2020-10-03T12:05:59", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2012-01-24T18:55:00", "references": ["http://secunia.com/advisories/47562", "http://www.securitytracker.com/id?1026519", "http://secunia.com/advisories/47518", "http://www.nerv.fi/CVE-2012-0389.txt", "http://www.exploit-db.com/exploits/18447", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://osvdb.org/78242", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72380", "http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"], "reporter": "cve@mitre.org", "title": "CVE-2012-0389", "type": "cve", "viewCount": 8}, "differentElements": ["affectedSoftware"], "edition": 5, "lastseen": "2020-10-03T12:05:59"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.72"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.7"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.71"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.78"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.73"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.79"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.75"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.00"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.18"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2a"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.76"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.74"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.77"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.70"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.54"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.19"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:mailenable:mailenable:1.22", "cpe:/a:mailenable:mailenable:4.21", "cpe:/a:mailenable:mailenable:1.71", "cpe:/a:mailenable:mailenable:3.02", "cpe:/a:mailenable:mailenable:4.0", "cpe:/a:mailenable:mailenable:5.07", "cpe:/a:mailenable:mailenable:5.11", "cpe:/a:mailenable:mailenable:3.03", "cpe:/a:mailenable:mailenable:4.16", "cpe:/a:mailenable:mailenable:4.24", "cpe:/a:mailenable:mailenable:1.6", "cpe:/a:mailenable:mailenable:3.10", "cpe:/a:mailenable:mailenable:4.2", "cpe:/a:mailenable:mailenable:5.52", "cpe:/a:mailenable:mailenable:3.52", "cpe:/a:mailenable:mailenable:5.0", "cpe:/a:mailenable:mailenable:1.18", "cpe:/a:mailenable:mailenable:5.5", "cpe:/a:mailenable:mailenable:1.02", "cpe:/a:mailenable:mailenable:1.73", "cpe:/a:mailenable:mailenable:1.17", "cpe:/a:mailenable:mailenable:3.11", "cpe:/a:mailenable:mailenable:3.53", "cpe:/a:mailenable:mailenable:5.03", "cpe:/a:mailenable:mailenable:1.79", "cpe:/a:mailenable:mailenable:3.5", "cpe:/a:mailenable:mailenable:5.02", "cpe:/a:mailenable:mailenable:4.15", "cpe:/a:mailenable:mailenable:4.17", "cpe:/a:mailenable:mailenable:5.51", "cpe:/a:mailenable:mailenable:3.62", "cpe:/a:mailenable:mailenable:4.14", "cpe:/a:mailenable:mailenable:4.1", "cpe:/a:mailenable:mailenable:1.03", "cpe:/a:mailenable:mailenable:3.6", "cpe:/a:mailenable:mailenable:4.23", "cpe:/a:mailenable:mailenable:1.52", "cpe:/a:mailenable:mailenable:1.01", "cpe:/a:mailenable:mailenable:1.26", "cpe:/a:mailenable:mailenable:1.76", "cpe:/a:mailenable:mailenable:1.7", "cpe:/a:mailenable:mailenable:1.19", "cpe:/a:mailenable:mailenable:1.24", "cpe:/a:mailenable:mailenable:4.22", "cpe:/a:mailenable:mailenable:4.25", "cpe:/a:mailenable:mailenable:1.21", "cpe:/a:mailenable:mailenable:1.2", "cpe:/a:mailenable:mailenable:1.25", "cpe:/a:mailenable:mailenable:3.63", "cpe:/a:mailenable:mailenable:6.02", "cpe:/a:mailenable:mailenable:5.04", "cpe:/a:mailenable:mailenable:1.53", "cpe:/a:mailenable:mailenable:3.14", "cpe:/a:mailenable:mailenable:1.5", "cpe:/a:mailenable:mailenable:6.01", "cpe:/a:mailenable:mailenable:5.05", "cpe:/a:mailenable:mailenable:1.54", "cpe:/a:mailenable:mailenable:1.72", "cpe:/a:mailenable:mailenable:3.61", "cpe:/a:mailenable:mailenable:3.04", "cpe:/a:mailenable:mailenable:1.74", "cpe:/a:mailenable:mailenable:3.12", "cpe:/a:mailenable:mailenable:3.13", "cpe:/a:mailenable:mailenable:5.06", "cpe:/a:mailenable:mailenable:3.51", "cpe:/a:mailenable:mailenable:4.01", "cpe:/a:mailenable:mailenable:3.01", "cpe:/a:mailenable:mailenable:1.78", "cpe:/a:mailenable:mailenable:1.23", "cpe:/a:mailenable:mailenable:4.13", "cpe:/a:mailenable:mailenable:4.12", "cpe:/a:mailenable:mailenable:4.11", "cpe:/a:mailenable:mailenable:4.26", "cpe:/a:mailenable:mailenable:1.2a", "cpe:/a:mailenable:mailenable:6.0", "cpe:/a:mailenable:mailenable:3.0", "cpe:/a:mailenable:mailenable:1.51", "cpe:/a:mailenable:mailenable:1.70", "cpe:/a:mailenable:mailenable:1.00", "cpe:/a:mailenable:mailenable:5.01", "cpe:/a:mailenable:mailenable:1.75", "cpe:/a:mailenable:mailenable:1.77", "cpe:/a:mailenable:mailenable:5.10", "cpe:/a:mailenable:mailenable:1.04", "cpe:/a:mailenable:mailenable:1.1"], "cpe23": ["cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2012-0389"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-79"], "description": "Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-09-21T14:12:33", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2020-09-21T14:12:33", "rev": 2, "value": 4.5, "vector": "NONE"}}, "hash": "24dc43708aa13e80657cb85074879b33e674de5d3082439237d515c161bb6da3", "hashmap": [{"hash": "25131d66a9f3961140b068f4b41aa42b", "key": "cvss2"}, {"hash": "ff09d8afa2a97f24b4269dee7d2cddf4", "key": "affectedSoftware"}, {"hash": "673ae3dcaa9be99662a7ec085c4d8779", "key": "references"}, {"hash": "a412936d944bcccb954aee6cf0cce4c0", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "be4180f472b42f94184a546d07ae03e1", "key": "href"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "173f292874ee9633e1339782bfa220f5", "key": "cpe23"}, {"hash": "902ea2d80de3657108b23079755b0a5f", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "153a13889665a444a342ef7d1859e6d5", "key": "title"}, {"hash": "53392a7644fd76be7c6869cc55d6be75", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0389", "id": "CVE-2012-0389", "lastseen": "2020-09-21T14:12:33", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2012-01-24T18:55:00", "references": ["http://secunia.com/advisories/47562", "http://www.securitytracker.com/id?1026519", "http://secunia.com/advisories/47518", "http://www.nerv.fi/CVE-2012-0389.txt", "http://www.exploit-db.com/exploits/18447", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://osvdb.org/78242", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72380", "http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"], "reporter": "cve@mitre.org", "title": "CVE-2012-0389", "type": "cve", "viewCount": 6}, "differentElements": ["cpeConfiguration"], "edition": 4, "lastseen": "2020-09-21T14:12:33"}], "edition": 9, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "ff09d8afa2a97f24b4269dee7d2cddf4"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "902ea2d80de3657108b23079755b0a5f"}, {"key": "cpe23", "hash": "173f292874ee9633e1339782bfa220f5"}, {"key": "cpeConfiguration", "hash": "da18111362e746ef9451c02dbd2a576e"}, {"key": "cvelist", "hash": "dc1db2ff451981c50032c54bb22011ff"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "cvss2", "hash": "25131d66a9f3961140b068f4b41aa42b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "34e69e045b64924bccf865d56b6918a2"}, {"key": "description", "hash": "a412936d944bcccb954aee6cf0cce4c0"}, {"key": "extraReferences", "hash": "8c1138d66a45bffb7eb0561f591661de"}, {"key": "href", "hash": "be4180f472b42f94184a546d07ae03e1"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "79f130ef461e5fcadeacc002df89c60a"}, {"key": "published", "hash": "53392a7644fd76be7c6869cc55d6be75"}, {"key": "references", "hash": "673ae3dcaa9be99662a7ec085c4d8779"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "153a13889665a444a342ef7d1859e6d5"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "75702755561630b7d4298ab02c3e2be5435a8eff6a47194ee095f4b57f49c975", "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103388"]}, {"type": "nessus", "idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "exploitdb", "idList": ["EDB-ID:36547", "EDB-ID:18447"]}, {"type": "seebug", "idList": ["SSV:72551"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108640"]}], "modified": "2021-04-22T23:28:15", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-04-22T23:28:15", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:mailenable:mailenable:1.22", "cpe:/a:mailenable:mailenable:4.21", "cpe:/a:mailenable:mailenable:1.71", "cpe:/a:mailenable:mailenable:3.02", "cpe:/a:mailenable:mailenable:4.0", "cpe:/a:mailenable:mailenable:5.07", "cpe:/a:mailenable:mailenable:5.11", "cpe:/a:mailenable:mailenable:3.03", "cpe:/a:mailenable:mailenable:4.16", "cpe:/a:mailenable:mailenable:4.24", "cpe:/a:mailenable:mailenable:1.6", "cpe:/a:mailenable:mailenable:3.10", "cpe:/a:mailenable:mailenable:4.2", "cpe:/a:mailenable:mailenable:5.52", "cpe:/a:mailenable:mailenable:3.52", "cpe:/a:mailenable:mailenable:5.0", "cpe:/a:mailenable:mailenable:1.18", "cpe:/a:mailenable:mailenable:5.5", "cpe:/a:mailenable:mailenable:1.02", "cpe:/a:mailenable:mailenable:1.73", "cpe:/a:mailenable:mailenable:1.17", "cpe:/a:mailenable:mailenable:3.11", "cpe:/a:mailenable:mailenable:3.53", "cpe:/a:mailenable:mailenable:5.03", "cpe:/a:mailenable:mailenable:1.79", "cpe:/a:mailenable:mailenable:3.5", "cpe:/a:mailenable:mailenable:5.02", "cpe:/a:mailenable:mailenable:4.15", "cpe:/a:mailenable:mailenable:4.17", "cpe:/a:mailenable:mailenable:5.51", "cpe:/a:mailenable:mailenable:3.62", "cpe:/a:mailenable:mailenable:4.14", "cpe:/a:mailenable:mailenable:4.1", "cpe:/a:mailenable:mailenable:1.03", "cpe:/a:mailenable:mailenable:3.6", "cpe:/a:mailenable:mailenable:4.23", "cpe:/a:mailenable:mailenable:1.52", "cpe:/a:mailenable:mailenable:1.01", "cpe:/a:mailenable:mailenable:1.26", "cpe:/a:mailenable:mailenable:1.76", "cpe:/a:mailenable:mailenable:1.7", "cpe:/a:mailenable:mailenable:1.19", "cpe:/a:mailenable:mailenable:1.24", "cpe:/a:mailenable:mailenable:4.22", "cpe:/a:mailenable:mailenable:4.25", "cpe:/a:mailenable:mailenable:1.21", "cpe:/a:mailenable:mailenable:1.2", "cpe:/a:mailenable:mailenable:1.25", "cpe:/a:mailenable:mailenable:3.63", "cpe:/a:mailenable:mailenable:6.02", "cpe:/a:mailenable:mailenable:5.04", "cpe:/a:mailenable:mailenable:1.53", "cpe:/a:mailenable:mailenable:3.14", "cpe:/a:mailenable:mailenable:1.5", "cpe:/a:mailenable:mailenable:6.01", "cpe:/a:mailenable:mailenable:5.05", "cpe:/a:mailenable:mailenable:1.54", "cpe:/a:mailenable:mailenable:1.72", "cpe:/a:mailenable:mailenable:3.61", "cpe:/a:mailenable:mailenable:3.04", "cpe:/a:mailenable:mailenable:1.74", "cpe:/a:mailenable:mailenable:3.12", "cpe:/a:mailenable:mailenable:3.13", "cpe:/a:mailenable:mailenable:5.06", "cpe:/a:mailenable:mailenable:3.51", "cpe:/a:mailenable:mailenable:4.01", "cpe:/a:mailenable:mailenable:3.01", "cpe:/a:mailenable:mailenable:1.78", "cpe:/a:mailenable:mailenable:1.23", "cpe:/a:mailenable:mailenable:4.13", "cpe:/a:mailenable:mailenable:4.12", "cpe:/a:mailenable:mailenable:4.11", "cpe:/a:mailenable:mailenable:4.26", "cpe:/a:mailenable:mailenable:1.2a", "cpe:/a:mailenable:mailenable:6.0", "cpe:/a:mailenable:mailenable:3.0", "cpe:/a:mailenable:mailenable:1.51", "cpe:/a:mailenable:mailenable:1.70", "cpe:/a:mailenable:mailenable:1.00", "cpe:/a:mailenable:mailenable:5.01", "cpe:/a:mailenable:mailenable:1.75", "cpe:/a:mailenable:mailenable:1.77", "cpe:/a:mailenable:mailenable:5.10", "cpe:/a:mailenable:mailenable:1.04", "cpe:/a:mailenable:mailenable:1.1"], "affectedSoftware": [{"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.72"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.7"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.16"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.71"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.06"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.78"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.73"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.1"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.07"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.12"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.61"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.17"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.03"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.14"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.15"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.62"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.79"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.75"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.51"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.53"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.00"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.18"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.24"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.05"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.6"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.01"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "le", "version": "4.26"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.10"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.63"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.25"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.22"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.04"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.2a"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.76"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "5.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.74"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.02"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "6.0"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.23"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.21"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.77"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.70"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.13"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.5"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.54"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.11"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "1.19"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "4.2"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}, {"cpeName": "mailenable:mailenable", "name": "mailenable", "operator": "eq", "version": "3.52"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*"], "cwe": ["CWE-79"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:-:pro:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:-:enterprise:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.26:*:premium:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.26", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "78242", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/78242"}, {"name": "47518", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47518"}, {"name": "18447", "refsource": "EXPLOIT-DB", "tags": [], "url": "http://www.exploit-db.com/exploits/18447"}, {"name": "20120112 ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389", "refsource": "BUGTRAQ", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"}, {"name": "mailenable-forgottenpassword-xss(72380)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72380"}, {"name": "1026519", "refsource": "SECTRACK", "tags": ["Exploit"], "url": "http://www.securitytracker.com/id?1026519"}, {"name": "47562", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47562"}, {"name": "51401", "refsource": "BID", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/51401"}, {"name": "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"}, {"name": "http://www.nerv.fi/CVE-2012-0389.txt", "refsource": "MISC", "tags": ["Exploit"], "url": "http://www.nerv.fi/CVE-2012-0389.txt"}], "immutableFields": []}], "packetstorm": [{"id": "PACKETSTORM:108640", "hash": "0fb244820b96f62c8d3b0f533d839451", "type": "packetstorm", "bulletinFamily": "exploit", "title": "MailEnable Webmail Cross Site Scripting", "description": "", "published": "2012-01-13T00:00:00", "modified": "2012-01-13T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "href": "https://packetstormsecurity.com/files/108640/MailEnable-Webmail-Cross-Site-Scripting.html", "reporter": "Narendra Shinde", "references": [], "cvelist": ["CVE-2012-0389"], "lastseen": "2016-12-05T22:12:25", "history": [], "viewCount": 29, "enchantments": {"score": {"value": 5.2, "vector": "NONE", "modified": "2016-12-05T22:12:25", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0389"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "exploitdb", "idList": ["EDB-ID:36547", "EDB-ID:18447"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103388"]}, {"type": "nessus", "idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"]}, {"type": "seebug", "idList": ["SSV:72551"]}], "modified": "2016-12-05T22:12:25", "rev": 2}}, "objectVersion": "1.4", "sourceHref": "https://packetstormsecurity.com/files/download/108640/ME020567.txt", "sourceData": "`ME020567: MailEnable webmail cross-site scripting vulnerability (CWE-79) \nReferences: CVE-2012-0389 \nDiscovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah \nVendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567 \nVendor contact: 2012-01-04 09:49:36 UTC \nVendor response: 2012-01-04 10:27:13 UTC (Peter Fregon from MailEnable) \nVendor fix and announcement: 2012-01-10 00:50:31 UTC \n \nVulnerability description: \n \nMailEnable <http://www.mailenable.com/> Professional and Enterprise versions are prone to cross-site scripting vulnerabilities as the user-supplied input received via \"Username\" parameter of \"ForgottonPassword.aspx\" page is not properly sanitized. A specially crafted URL which a user clicks could gain access to the users cookies for webmail or execute other malicious code in users browser in context of the domain in use. \n \nRemote: yes \nAuthentication required: no \nUser interaction required: yes \n \nAffected: \n \n- MailEnable Professional, Enterprise & Premium 4.26 and earlier \n- MailEnable Professional, Enterprise & Premium 5.52 and earlier \n- MailEnable Professional, Enterprise & Premium 6.02 and earlier \n \nNot affected: \n \n- MailEnable Standard is not affected. \n \nPoC: \n \nhttp://example.com/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username='};alert(/XSS/);{' \n \nResolution: \n \nUsers of MailEnable 5 and 6 can resolve the issue by upgrading to version 5.53 or 6.03 or later. Alternatively, and for version 4 users, the following fix can be applied: \n \n1) Open the ForgottenPassword.aspx file in Notepad. This file is in the Mail Enable\\bin\\NETWebMail\\Mondo\\lang\\[language] folders in version 4 and in Mail Enable\\bin\\NETWebMail\\Mondo\\lang\\sys in version 5 and 6. \n2) Locate and remove the following line, then save the file: document.getElementById(\"txtUsername\").value = '<%= Request.Item(\"Username\") %>'; \n \n- Henri Salo \n \n`\n", "_object_type": "robots.models.packetstorm.PacketstormBulletin", "_object_types": ["robots.models.packetstorm.PacketstormBulletin", "robots.models.base.Bulletin"]}], "exploitdb": [{"id": "EDB-ID:36547", "hash": "fee70dac5508e4fe02596883f7ba1142299263d7eaf9734c586b5cea5592a917", "type": "exploitdb", "bulletinFamily": "exploit", "title": "MailEnable <= 6.02 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability", "description": "MailEnable 6.02 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability. CVE-2012-0389. Webapps exploit for asp platform", "published": "2012-01-12T00:00:00", "modified": "2012-01-12T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "href": "https://www.exploit-db.com/exploits/36547/", "reporter": "Sajjad Pourali", "references": [], "cvelist": ["CVE-2012-0389"], "lastseen": "2016-02-04T03:46:17", "history": [{"lastseen": "2016-02-04T03:46:17", "different_elements": ["cvss2"], "edition": 1, "bulletin": {"lastseen": "2016-02-04T03:46:17", "references": [], "description": "MailEnable 6.02 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability. CVE-2012-0389. Webapps exploit for asp platform", "edition": 1, "cvss3": {}, "reporter": "Sajjad Pourali", "history": [], "published": "2012-01-12T00:00:00", "enchantments": {"score": {"rev": 2, "modified": "2016-02-04T03:46:17", "vector": "NONE", "value": 4.7}, "dependencies": {"rev": 2, "references": [{"idList": ["EDB-ID:18447"], "type": "exploitdb"}, {"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}], "modified": "2016-02-04T03:46:17"}}, "title": "MailEnable <= 6.02 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability", "type": "exploitdb", "objectVersion": "1.5", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-0389"], "immutableFields": [], "modified": "2012-01-12T00:00:00", "href": "https://www.exploit-db.com/exploits/36547/", "id": "EDB-ID:36547", "viewCount": 27, "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "hashmap": [{"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "4589d63e4cdd82cd5b69d97e5c556426", "key": "published"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "916b5dbd201b469998d9b4a4c8bc4e08", "key": "type"}, {"hash": "75df3ae3f855f6fb5e1c9dbff32e0261", "key": "href"}, {"hash": "3139bf120f3a22b23458a1e87691a51e", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "0a15874acba2d2ad97ea779cf683e51d", "key": "description"}, {"hash": "c9eb7d233e695789b5121f2863393ee6", "key": "title"}, {"hash": "4589d63e4cdd82cd5b69d97e5c556426", "key": "modified"}], "hash": "19c4522d79c607ffb11d07133862e521580530aa8da062b0a848c7ef43123666"}}], "viewCount": 27, "enchantments": {"score": {"value": 4.7, "vector": "NONE", "modified": "2016-02-04T03:46:17", "rev": 2}, "dependencies": {"references": [{"idList": ["EDB-ID:18447"], "type": "exploitdb"}, {"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}], "modified": "2016-02-04T03:46:17", "rev": 2}, "exploitation": {"wildExploited": false, "wildExploitedSources": [], "modified": "2016-02-04T03:46:17"}}, "objectVersion": "1.5", "sourceHref": "https://www.exploit-db.com/download/36547/", "sourceData": "source: http://www.securityfocus.com/bid/51401/info\r\n\r\nMailEnable is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\r\n\r\nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.\r\n\r\nThe following MailEnable versions are vulnerable:\r\nProfessional, Enterprise, and Premium 4.26 and prior versions\r\nProfessional, Enterprise, and Premium 5.52 and prior versions\r\nProfessional, Enterprise, and Premium 6.02 and prior versions \r\n\r\nhttp://example.com/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username=[xss] ", "osvdbidlist": ["78242"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "scheme": null, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "dc1db2ff451981c50032c54bb22011ff"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "cvss2", "hash": "25131d66a9f3961140b068f4b41aa42b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "description", "hash": "0a15874acba2d2ad97ea779cf683e51d"}, {"key": "href", "hash": "75df3ae3f855f6fb5e1c9dbff32e0261"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "4589d63e4cdd82cd5b69d97e5c556426"}, {"key": "published", "hash": "4589d63e4cdd82cd5b69d97e5c556426"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "3139bf120f3a22b23458a1e87691a51e"}, {"key": "title", "hash": "c9eb7d233e695789b5121f2863393ee6"}, {"key": "type", "hash": "916b5dbd201b469998d9b4a4c8bc4e08"}]}, {"id": "EDB-ID:18447", "hash": "9445d386cd841d33215e7bf9c8a30f33ea802cd5035681e23bb3e6d0caa5faab", "type": "exploitdb", "bulletinFamily": "exploit", "title": "MailEnable Webmail Cross-Site Scripting Vulnerability", "description": "MailEnable Webmail Cross-Site Scripting Vulnerability. CVE-2012-0389. Webapps exploit for asp platform", "published": "2012-01-13T00:00:00", "modified": "2012-01-13T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/18447/", "reporter": "Sajjad Pourali", "references": [], "cvelist": ["CVE-2012-0389"], "lastseen": "2016-02-02T09:45:03", "history": [{"lastseen": "2016-02-02T09:45:03", "different_elements": ["cvss2"], "edition": 1, "bulletin": {"lastseen": "2016-02-02T09:45:03", "references": [], "description": "MailEnable Webmail Cross-Site Scripting Vulnerability. CVE-2012-0389. Webapps exploit for asp platform", "edition": 1, "cvss3": {}, "reporter": "Sajjad Pourali", "history": [], "published": "2012-01-13T00:00:00", "enchantments": {"score": {"rev": 2, "modified": "2016-02-02T09:45:03", "vector": "NONE", "value": 5.1}, "dependencies": {"rev": 2, "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EDB-ID:36547"], "type": "exploitdb"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}], "modified": "2016-02-02T09:45:03"}}, "title": "MailEnable Webmail Cross-Site Scripting Vulnerability", "type": "exploitdb", "objectVersion": "1.5", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-0389"], "immutableFields": [], "modified": "2012-01-13T00:00:00", "href": "https://www.exploit-db.com/exploits/18447/", "id": "EDB-ID:18447", "viewCount": 13, "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "hashmap": [{"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "dc458864edb54b5f0b4539660f29c6cb", "key": "modified"}, {"hash": "54e4dce5f22037e12054c3b059928d0d", "key": "title"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "916b5dbd201b469998d9b4a4c8bc4e08", "key": "type"}, {"hash": "3139bf120f3a22b23458a1e87691a51e", "key": "reporter"}, {"hash": "dc458864edb54b5f0b4539660f29c6cb", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "f2ccf3a4c7f632e2f886663084b7ee5a", "key": "description"}, {"hash": "0a1edce00b865e61b929733a420acd3f", "key": "href"}], "hash": "6fc60f2a8fae9153790314075efc316f9c03cd3188807be7b7640ca4e1c94864"}}], "viewCount": 13, "enchantments": {"score": {"value": 5.1, "vector": "NONE", "modified": "2016-02-02T09:45:03", "rev": 2}, "dependencies": {"references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EDB-ID:36547"], "type": "exploitdb"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}], "modified": "2016-02-02T09:45:03", "rev": 2}, "exploitation": {"wildExploited": false, "wildExploitedSources": [], "modified": "2016-02-02T09:45:03"}}, "objectVersion": "1.5", "sourceHref": "https://www.exploit-db.com/download/18447/", "sourceData": "ME020567: MailEnable webmail cross-site scripting vulnerability (CWE-79)\r\nReferences: CVE-2012-0389\r\nDiscovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah\r\nVendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\r\nVendor contact: 2012-01-04 09:49:36 UTC\r\nVendor response: 2012-01-04 10:27:13 UTC (Peter Fregon from MailEnable)\r\nVendor fix and announcement: 2012-01-10 00:50:31 UTC\r\n\r\nVulnerability description:\r\n\r\nMailEnable <http://www.mailenable.com/> Professional and Enterprise versions are prone to cross-site scripting vulnerabilities as the user-supplied input received via \"Username\" parameter of \"ForgottonPassword.aspx\" page is not properly sanitized. A specially crafted URL which a user clicks could gain access to the users cookies for webmail or execute other malicious code in users browser in context of the domain in use.\r\n\r\nRemote: yes\r\nAuthentication required: no\r\nUser interaction required: yes\r\n\r\nAffected:\r\n\r\n- MailEnable Professional, Enterprise & Premium 4.26 and earlier\r\n- MailEnable Professional, Enterprise & Premium 5.52 and earlier\r\n- MailEnable Professional, Enterprise & Premium 6.02 and earlier\r\n\r\nNot affected:\r\n\r\n- MailEnable Standard is not affected.\r\n\r\nPoC:\r\n\r\nhttp://server/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username='};alert(/XSS/);{'\r\n\r\nResolution:\r\n\r\nUsers of MailEnable 5 and 6 can resolve the issue by upgrading to version 5.53 or 6.03 or later. Alternatively, and for version 4 users, the following fix can be applied:\r\n\r\n1) Open the ForgottenPassword.aspx file in Notepad. This file is in the Mail Enable\\bin\\NETWebMail\\Mondo\\lang\\[language] folders in version 4 and in Mail Enable\\bin\\NETWebMail\\Mondo\\lang\\sys in version 5 and 6.\r\n2) Locate and remove the following line, then save the file: document.getElementById(\"txtUsername\").value = '<%= Request.Item(\"Username\") %>';", "osvdbidlist": ["78242"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "scheme": null, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "dc1db2ff451981c50032c54bb22011ff"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "cvss2", "hash": "25131d66a9f3961140b068f4b41aa42b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "description", "hash": "f2ccf3a4c7f632e2f886663084b7ee5a"}, {"key": "href", "hash": "0a1edce00b865e61b929733a420acd3f"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "dc458864edb54b5f0b4539660f29c6cb"}, {"key": "published", "hash": "dc458864edb54b5f0b4539660f29c6cb"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "3139bf120f3a22b23458a1e87691a51e"}, {"key": "title", "hash": "54e4dce5f22037e12054c3b059928d0d"}, {"key": "type", "hash": "916b5dbd201b469998d9b4a4c8bc4e08"}]}], "openvas": [{"id": "OPENVAS:1361412562310103388", "hash": "9954c445fac78b2458a56e3f8b9b7c18", "type": "openvas", "bulletinFamily": "scanner", "title": "MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability", "description": "MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.", "published": "2012-01-13T00:00:00", "modified": "2020-05-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103388", "reporter": "Copyright (C) 2012 Greenbone Networks GmbH", "references": ["http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401"], "cvelist": ["CVE-2012-0389"], "lastseen": "2020-05-08T19:07:41", "history": [{"bulletin": {"id": "OPENVAS:1361412562310103388", "hash": "b86fa18501e089267b460a94535b85ec9a8ba9dc5e7d6c47cd4594918de35227", "type": "openvas", "bulletinFamily": "scanner", "title": "MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability", "description": "MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.", "published": "2012-01-13T00:00:00", "modified": "2017-04-20T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103388", "reporter": "This script is Copyright (C) 2012 Greenbone Networks GmbH", "references": ["http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://www.mailenable.com/"], "cvelist": ["CVE-2012-0389"], "lastseen": "2017-07-02T21:10:29", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mailenable_51401.nasl 5992 2017-04-20 14:42:07Z cfi $\n#\n# MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103388\");\n script_version(\"$Revision: 5992 $\");\n script_bugtraq_id(51401);\n script_cve_id(\"CVE-2012-0389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-20 16:42:07 +0200 (Thu, 20 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:03:24 +0100 (Fri, 13 Jan 2012)\");\n script_name(\"MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"find_service.nasl\", \"http_version.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51401\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n\n tag_summary = \"MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.\";\n\n tag_impact = \"An attacker may leverage this issue to execute arbitrary script code\n in the browser of an unsuspecting user in the context of the affected\n site. This may allow the attacker to steal cookie-based authentication\n credentials and launch other attacks.\";\n\n tag_affected = \"The following MailEnable versions are vulnerable: Professional,\n Enterprise, and Premium 4.26 and prior versions Professional,\n Enterprise, and Premium 5.52 and prior versions Professional,\n Enterprise, and Premium 6.02 and prior versions\";\n\n tag_solution = \"Vendor updates are available. Please see the references for details.\";\n\n script_tag(name:\"summary\", value:tag_summary);\n script_tag(name:\"impact\", value:tag_impact);\n script_tag(name:\"affected\", value:tag_impact);\n script_tag(name:\"solution\", value:tag_solution);\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n \nport = get_http_port( default:80 );\nif( ! can_host_asp( port:port ) ) exit( 0 );\n\nforeach dir( make_list_unique( \"/mail\", \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/Mondo/lang/sys/login.aspx\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>MailEnable\" ) ) {\n\n url = dir + \"/Mondo/lang/sys/ForgottenPassword.aspx?Username=></script><script>alert(/openvas-xss-test/)</script>\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<script>alert\\(/openvas-xss-test/\\)</script>\", check_header:TRUE ) ) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n }\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2017-07-02T21:10:29"}, {"bulletin": {"id": "OPENVAS:1361412562310103388", "hash": "a55e448bf89a8518d5a1bd02a818816fcbdbb3389c813c7bfbfbcb773218008d", "type": "openvas", "bulletinFamily": "scanner", "title": "MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability", "description": "MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.", "published": "2012-01-13T00:00:00", "modified": "2020-05-07T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103388", "reporter": "Copyright (C) 2012 Greenbone Networks GmbH", "references": ["http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401"], "cvelist": ["CVE-2012-0389"], "lastseen": "2020-05-08T11:04:50", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"modified": "2020-05-08T11:04:50", "references": [{"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2020-05-08T11:04:50", "rev": 2, "value": 5.2, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103388\");\n script_version(\"2020-05-06T07:10:15+0000\");\n script_bugtraq_id(51401);\n script_cve_id(\"CVE-2012-0389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-07 10:48:07 +0000 (Thu, 07 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:03:24 +0100 (Fri, 13 Jan 2012)\");\n script_name(\"MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"find_service.nasl\", \"no404.nasl\", \"webmirror.nasl\", \"DDI_Directory_Scanner.nasl\", \"global_settings.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51401\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n\n script_tag(name:\"summary\", value:\"MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.\");\n\n script_tag(name:\"impact\", value:\"An attacker may leverage this issue to execute arbitrary script code\n in the browser of an unsuspecting user in the context of the affected\n site. This may allow the attacker to steal cookie-based authentication\n credentials and launch other attacks.\");\n\n script_tag(name:\"affected\", value:\"The following MailEnable versions are vulnerable:\n\n Professional, Enterprise, and Premium 4.26 and prior versions\n\n Professional, Enterprise, and Premium 5.52 and prior versions\n\n Professional, Enterprise, and Premium 6.02 and prior versions\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for details.\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = http_get_port( default:80 );\nif( ! http_can_host_asp( port:port ) ) exit( 0 );\n\nforeach dir( make_list_unique( \"/mail\", \"/webmail\", http_cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/Mondo/lang/sys/login.aspx\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>MailEnable\" ) ) {\n\n url = dir + \"/Mondo/lang/sys/ForgottenPassword.aspx?Username=></script><script>alert(/xss-test/)</script>\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<script>alert\\(/xss-test/\\)</script>\", check_header:TRUE ) ) {\n report = http_report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n }\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 8, "lastseen": "2020-05-08T11:04:50"}, {"bulletin": {"id": "OPENVAS:1361412562310103388", "hash": "6c9e54ccee68e73c44b5053e75a2c82aa1677448a25ffcdbbd1f5a9953914736", "type": "openvas", "bulletinFamily": "scanner", "title": "MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability", "description": "MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.", "published": "2012-01-13T00:00:00", "modified": "2017-04-20T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103388", "reporter": "This script is Copyright (C) 2012 Greenbone Networks GmbH", "references": ["http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://www.mailenable.com/"], "cvelist": ["CVE-2012-0389"], "lastseen": "2018-08-30T19:25:39", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mailenable_51401.nasl 5992 2017-04-20 14:42:07Z cfi $\n#\n# MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103388\");\n script_version(\"$Revision: 5992 $\");\n script_bugtraq_id(51401);\n script_cve_id(\"CVE-2012-0389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-20 16:42:07 +0200 (Thu, 20 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:03:24 +0100 (Fri, 13 Jan 2012)\");\n script_name(\"MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"find_service.nasl\", \"http_version.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51401\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n\n tag_summary = \"MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.\";\n\n tag_impact = \"An attacker may leverage this issue to execute arbitrary script code\n in the browser of an unsuspecting user in the context of the affected\n site. This may allow the attacker to steal cookie-based authentication\n credentials and launch other attacks.\";\n\n tag_affected = \"The following MailEnable versions are vulnerable: Professional,\n Enterprise, and Premium 4.26 and prior versions Professional,\n Enterprise, and Premium 5.52 and prior versions Professional,\n Enterprise, and Premium 6.02 and prior versions\";\n\n tag_solution = \"Vendor updates are available. Please see the references for details.\";\n\n script_tag(name:\"summary\", value:tag_summary);\n script_tag(name:\"impact\", value:tag_impact);\n script_tag(name:\"affected\", value:tag_impact);\n script_tag(name:\"solution\", value:tag_solution);\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n \nport = get_http_port( default:80 );\nif( ! can_host_asp( port:port ) ) exit( 0 );\n\nforeach dir( make_list_unique( \"/mail\", \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/Mondo/lang/sys/login.aspx\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>MailEnable\" ) ) {\n\n url = dir + \"/Mondo/lang/sys/ForgottenPassword.aspx?Username=></script><script>alert(/openvas-xss-test/)</script>\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<script>alert\\(/openvas-xss-test/\\)</script>\", check_header:TRUE ) ) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n }\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:25:39"}, {"bulletin": {"id": "OPENVAS:1361412562310103388", "hash": "546259ade55e19c9ed8c1c9f75c7decd9b8b01988ac00d698c80d6190e6824b1", "type": "openvas", "bulletinFamily": "scanner", "title": "MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability", "description": "MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.", "published": "2012-01-13T00:00:00", "modified": "2018-09-17T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103388", "reporter": "This script is Copyright (C) 2012 Greenbone Networks GmbH", "references": ["http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://www.mailenable.com/"], "cvelist": ["CVE-2012-0389"], "lastseen": "2019-05-29T18:38:39", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:38:39", "references": [{"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}]}, "score": {"modified": "2019-05-29T18:38:39", "value": 5.2, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mailenable_51401.nasl 11435 2018-09-17 13:44:25Z cfischer $\n#\n# MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103388\");\n script_version(\"$Revision: 11435 $\");\n script_bugtraq_id(51401);\n script_cve_id(\"CVE-2012-0389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-17 15:44:25 +0200 (Mon, 17 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:03:24 +0100 (Fri, 13 Jan 2012)\");\n script_name(\"MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"find_service.nasl\", \"http_version.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51401\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n\n script_tag(name:\"summary\", value:\"MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.\");\n\n script_tag(name:\"impact\", value:\"An attacker may leverage this issue to execute arbitrary script code\n in the browser of an unsuspecting user in the context of the affected\n site. This may allow the attacker to steal cookie-based authentication\n credentials and launch other attacks.\");\n\n script_tag(name:\"affected\", value:\"The following MailEnable versions are vulnerable:\n\n Professional, Enterprise, and Premium 4.26 and prior versions\n\n Professional, Enterprise, and Premium 5.52 and prior versions\n\n Professional, Enterprise, and Premium 6.02 and prior versions\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for details.\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port( default:80 );\nif( ! can_host_asp( port:port ) ) exit( 0 );\n\nforeach dir( make_list_unique( \"/mail\", \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/Mondo/lang/sys/login.aspx\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>MailEnable\" ) ) {\n\n url = dir + \"/Mondo/lang/sys/ForgottenPassword.aspx?Username=></script><script>alert(/xss-test/)</script>\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<script>alert\\(/xss-test/\\)</script>\", check_header:TRUE ) ) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n }\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 6, "lastseen": "2019-05-29T18:38:39"}, {"bulletin": {"id": "OPENVAS:1361412562310103388", "hash": "291c9ea98afe87feba981777a3e558c75961e0dcb8dcda3380fcd283e503d56e", "type": "openvas", "bulletinFamily": "scanner", "title": "MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability", "description": "MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.", "published": "2012-01-13T00:00:00", "modified": "2018-09-17T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103388", "reporter": "This script is Copyright (C) 2012 Greenbone Networks GmbH", "references": ["http://www.mailenable.com/kb/Content/Article.asp?ID=me020567", "http://www.securityfocus.com/bid/51401", "http://www.mailenable.com/"], "cvelist": ["CVE-2012-0389"], "lastseen": "2018-09-18T13:42:24", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2018-09-18T13:42:24", "references": [{"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}]}, "score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mailenable_51401.nasl 11435 2018-09-17 13:44:25Z cfischer $\n#\n# MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103388\");\n script_version(\"$Revision: 11435 $\");\n script_bugtraq_id(51401);\n script_cve_id(\"CVE-2012-0389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-17 15:44:25 +0200 (Mon, 17 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:03:24 +0100 (Fri, 13 Jan 2012)\");\n script_name(\"MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"find_service.nasl\", \"http_version.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51401\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n\n script_tag(name:\"summary\", value:\"MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.\");\n\n script_tag(name:\"impact\", value:\"An attacker may leverage this issue to execute arbitrary script code\n in the browser of an unsuspecting user in the context of the affected\n site. This may allow the attacker to steal cookie-based authentication\n credentials and launch other attacks.\");\n\n script_tag(name:\"affected\", value:\"The following MailEnable versions are vulnerable:\n\n Professional, Enterprise, and Premium 4.26 and prior versions\n\n Professional, Enterprise, and Premium 5.52 and prior versions\n\n Professional, Enterprise, and Premium 6.02 and prior versions\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for details.\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port( default:80 );\nif( ! can_host_asp( port:port ) ) exit( 0 );\n\nforeach dir( make_list_unique( \"/mail\", \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/Mondo/lang/sys/login.aspx\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>MailEnable\" ) ) {\n\n url = dir + \"/Mondo/lang/sys/ForgottenPassword.aspx?Username=></script><script>alert(/xss-test/)</script>\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<script>alert\\(/xss-test/\\)</script>\", check_header:TRUE ) ) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n }\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-09-18T13:42:24"}], "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0389"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12142", "SECURITYVULNS:DOC:27554"]}, {"type": "exploitdb", "idList": ["EDB-ID:36547", "EDB-ID:18447"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108640"]}, {"type": "seebug", "idList": ["SSV:72551"]}, {"type": "nessus", "idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"]}], "modified": "2020-05-08T19:07:41", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2020-05-08T19:07:41", "rev": 2}}, "objectVersion": "1.4", "pluginID": "1361412562310103388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103388\");\n script_version(\"2020-05-06T07:10:15+0000\");\n script_bugtraq_id(51401);\n script_cve_id(\"CVE-2012-0389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-06 07:10:15 +0000 (Wed, 06 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:03:24 +0100 (Fri, 13 Jan 2012)\");\n script_name(\"MailEnable 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"find_service.nasl\", \"no404.nasl\", \"webmirror.nasl\", \"DDI_Directory_Scanner.nasl\", \"global_settings.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51401\");\n script_xref(name:\"URL\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n\n script_tag(name:\"summary\", value:\"MailEnable is prone to a cross-site scripting vulnerability because it\n fails to properly sanitize user-supplied input.\");\n\n script_tag(name:\"impact\", value:\"An attacker may leverage this issue to execute arbitrary script code\n in the browser of an unsuspecting user in the context of the affected\n site. This may allow the attacker to steal cookie-based authentication\n credentials and launch other attacks.\");\n\n script_tag(name:\"affected\", value:\"The following MailEnable versions are vulnerable:\n\n Professional, Enterprise, and Premium 4.26 and prior versions\n\n Professional, Enterprise, and Premium 5.52 and prior versions\n\n Professional, Enterprise, and Premium 6.02 and prior versions\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for details.\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = http_get_port( default:80 );\nif( ! http_can_host_asp( port:port ) ) exit( 0 );\n\nforeach dir( make_list_unique( \"/mail\", \"/webmail\", http_cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/Mondo/lang/sys/login.aspx\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>MailEnable\" ) ) {\n\n url = dir + \"/Mondo/lang/sys/ForgottenPassword.aspx?Username=></script><script>alert(/xss-test/)</script>\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<script>alert\\(/xss-test/\\)</script>\", check_header:TRUE ) ) {\n report = http_report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n }\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"]}], "securityvulns": [{"id": "SECURITYVULNS:VULN:12142", "bulletinFamily": "software", "title": "MailEnable crossite scripting", "description": "Crossite scripting in ForgottonPassword.aspx", "published": "2012-01-16T00:00:00", "modified": "2012-01-16T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12142", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:27554"], "cvelist": ["CVE-2012-0389"], "type": "securityvulns", "lastseen": "2021-06-08T19:03:18", "history": [{"bulletin": {"affectedSoftware": [{"name": "MailEnable", "operator": "eq", "version": "5.52"}, {"name": "MailEnable", "operator": "eq", "version": "6.02"}], "bulletinFamily": "software", "cvelist": ["CVE-2012-0389"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Crossite scripting in ForgottonPassword.aspx", "edition": 1, "enchantments": {"dependencies": {"modified": "2018-08-31T11:09:45", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:27554"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2018-08-31T11:09:45", "rev": 2, "value": 5.6, "vector": "NONE"}}, "hash": "8da21b99c694bae1faf27c3b1646c67234736f8cd215a0415f0938d9eff7ce07", "hashmap": [{"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "fbd0445612ce49612e0f8f2161396fc2", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "f02d9c225dc8427cb264bfe6dcd2d074", "key": "references"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "1d11ac77c73953812db942faca67aec0", "key": "title"}, {"hash": "019ae84d93985537311c3875d16ec48b", "key": "href"}, {"hash": "fbd0445612ce49612e0f8f2161396fc2", "key": "modified"}, {"hash": "2c5cca82a8670da097919f6160833daf", "key": "reporter"}, {"hash": "fd35df882f835dc15d83c15cc410a8d2", "key": "description"}, {"hash": "fae16c4047e537705c1494e80ddad2f3", "key": "affectedSoftware"}, {"hash": "d54751dd75af2ea0147b462b3e001cd0", "key": "type"}], "history": [], "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12142", "id": "SECURITYVULNS:VULN:12142", "immutableFields": [], "lastseen": "2018-08-31T11:09:45", "modified": "2012-01-16T00:00:00", "objectVersion": "1.5", "published": "2012-01-16T00:00:00", "references": ["https://vulners.com/securityvulns/securityvulns:doc:27554"], "reporter": "BUGTRAQ", "title": "MailEnable crossite scripting", "type": "securityvulns", "viewCount": 2}, "different_elements": ["affectedSoftware"], "edition": 1, "lastseen": "2018-08-31T11:09:45"}], "edition": 2, "hashmap": [{"key": "affectedSoftware", "hash": "bbd8e5b218f593844f88282a567ed017"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "dc1db2ff451981c50032c54bb22011ff"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "fd35df882f835dc15d83c15cc410a8d2"}, {"key": "href", "hash": "019ae84d93985537311c3875d16ec48b"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "fbd0445612ce49612e0f8f2161396fc2"}, {"key": "published", "hash": "fbd0445612ce49612e0f8f2161396fc2"}, {"key": "references", "hash": "f02d9c225dc8427cb264bfe6dcd2d074"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "1d11ac77c73953812db942faca67aec0"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "5305bf74f388c2b11a4b848ba3898ff81ffcafc6e3f9e9d4f8aa48b237283b45", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0389"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27554"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103388"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108640"]}, {"type": "seebug", "idList": ["SSV:72551"]}, {"type": "nessus", "idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:36547", "EDB-ID:18447"]}], "modified": "2021-06-08T19:03:18", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-06-08T19:03:18", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [{"name": "mailenable", "operator": "eq", "version": "5.52"}, {"name": "mailenable", "operator": "eq", "version": "6.02"}], "immutableFields": [], "scheme": null}], "nessus": [{"id": "MAILENABLE_FORGOTTENPASSWORD_XSS.NASL", "hash": "49ee7c2629ee08701f17dd89c3f40395", "type": "nessus", "bulletinFamily": "scanner", "title": "MailEnable ForgottenPassword.aspx Username Parameter XSS", "description": "The webmail client bundled with MailEnable is affected by a cross-site scripting vulnerability in the ForgottenPassword.aspx script. The 'Username' parameter fails to properly sanitize user- supplied input. Successful exploitation would allow an attacker to steal cookies used for webmail access.", "published": "2012-06-19T00:00:00", "modified": "2021-01-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/59569", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0389", "http://www.nerv.fi/CVE-2012-0389.txt", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"], "cvelist": ["CVE-2012-0389"], "immutableFields": [], "lastseen": "2021-08-19T12:58:23", "history": [{"bulletin": {"id": "MAILENABLE_FORGOTTENPASSWORD_XSS.NASL", "hash": "d27953d4cc14697e058ee351571623dcb8627ec0ceae69de287554361a9b8fab", "type": "nessus", "bulletinFamily": "scanner", "title": "MailEnable ForgottenPassword.aspx Username Parameter XSS", "description": "The webmail client bundled with MailEnable is affected by a cross-site scripting vulnerability in the ForgottenPassword.aspx script. The 'Username' parameter fails to properly sanitize user- supplied input. Successful exploitation would allow an attacker to steal cookies used for webmail access.", "published": "2012-06-19T00:00:00", "modified": "2018-07-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=59569", "reporter": "Tenable", "references": ["http://www.nerv.fi/CVE-2012-0389.txt", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"], "cvelist": ["CVE-2012-0389"], "immutableFields": [], "lastseen": "2018-07-15T03:26:33", "history": [], "viewCount": 4, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "59569", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59569);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2012-0389\");\n script_bugtraq_id(51401);\n script_xref(name:\"EDB-ID\", value:\"18447\");\n\n script_name(english:\"MailEnable ForgottenPassword.aspx Username Parameter XSS\");\n script_summary(english:\"Attempts a non-persistent XSS\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote web server hosts an application that is affected by a\ncross-site scripting vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nerv.fi/CVE-2012-0389.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in\nthe referenced URL.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mailenable:mailenable\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mailenable_webmail_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/mailenable_webmail\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80);\n\ninstall = get_install_from_kb(appname:\"mailenable_webmail\", port:port, exit_on_fail:TRUE);\ndir = install[\"dir\"];\ndir = ereg_replace(pattern:\"^(.*)/[^/]+\\.aspx\", replace:\"\\1\", string:dir);\n\n# Version 4.x will timeout when accessing ForgottenPassword.aspx\n# unless we first establish a new session.\nnew_session = http_send_recv3(method:\"GET\", item:install[\"dir\"], port:port, exit_on_fail:TRUE);\n\n# Versions 4.x\nif ('ForgottenPassword.aspx?Username=\"' >< new_session[2])\n{\n xss_test = '\"};alert(/' + SCRIPT_NAME + '-' + unixtime() + '/);{\"';\n}\n# Versions 5.x/6.x\nelse xss_test = \"'};alert(/\" + SCRIPT_NAME + \"-\" + unixtime() + \"/);{'\";\n\nexploit = test_cgi_xss(\n port : port,\n dirs : make_list(dir),\n cgi : \"/forgottenpassword.aspx\",\n qs : 'username=' + urlencode(str:xss_test),\n pass_str : xss_test,\n pass_re : 'function PageLoad()',\n silent : TRUE\n);\nif (exploit)\n{\n if (report_verbosity > 0)\n { \n report = \n '\\n' + 'Nessus was able to exploit the issue using the following sequence of' +\n '\\n' + 'URLs :' +\n '\\n' +\n '\\n ' + build_url(port:port, qs:install[\"dir\"]) +\n '\\n ' + build_url(port:port, qs:dir+\"/forgottenpassword.aspx?Username=\"+urlencode(str:xss_test)) +\n '\\n';\n }\n security_warning(port:port, extra:report);\n exit(0);\n}\naudit(AUDIT_WEB_APP_NOT_AFFECTED, \"MailEnable WebMail\", build_url(qs:install[\"dir\"], port:port));\n", "naslFamily": "CGI abuses : XSS", "cpe": ["cpe:/a:mailenable:mailenable"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2018-07-15T03:26:33", "differentElements": ["cvss", "description", "href", "modified", "reporter"], "edition": 1}, {"bulletin": {"id": "MAILENABLE_FORGOTTENPASSWORD_XSS.NASL", "hash": "6a035baa7f88bf7f15c48cc73c39aad8705e3b1ce9b8e6e9ebbda4872ee16d59", "type": "nessus", "bulletinFamily": "scanner", "title": "MailEnable ForgottenPassword.aspx Username Parameter XSS", "description": "The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The ", "published": "2012-06-19T00:00:00", "modified": "2019-10-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/59569", "reporter": "This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.", "references": ["http://www.nerv.fi/CVE-2012-0389.txt", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"], "cvelist": ["CVE-2012-0389"], "immutableFields": [], "lastseen": "2019-10-28T20:41:09", "history": [], "viewCount": 11, "enchantments": {"dependencies": {"modified": "2019-10-28T20:41:09", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}]}, "score": {"modified": "2019-10-28T20:41:09", "value": 4.9, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "59569", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59569);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2012-0389\");\n script_bugtraq_id(51401);\n script_xref(name:\"EDB-ID\", value:\"18447\");\n\n script_name(english:\"MailEnable ForgottenPassword.aspx Username Parameter XSS\");\n script_summary(english:\"Attempts a non-persistent XSS\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote web server hosts an application that is affected by a\ncross-site scripting vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nerv.fi/CVE-2012-0389.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in\nthe referenced URL.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mailenable:mailenable\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mailenable_webmail_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/mailenable_webmail\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80);\n\ninstall = get_install_from_kb(appname:\"mailenable_webmail\", port:port, exit_on_fail:TRUE);\ndir = install[\"dir\"];\ndir = ereg_replace(pattern:\"^(.*)/[^/]+\\.aspx\", replace:\"\\1\", string:dir);\n\n# Version 4.x will timeout when accessing ForgottenPassword.aspx\n# unless we first establish a new session.\nnew_session = http_send_recv3(method:\"GET\", item:install[\"dir\"], port:port, exit_on_fail:TRUE);\n\n# Versions 4.x\nif ('ForgottenPassword.aspx?Username=\"' >< new_session[2])\n{\n xss_test = '\"};alert(/' + SCRIPT_NAME + '-' + unixtime() + '/);{\"';\n}\n# Versions 5.x/6.x\nelse xss_test = \"'};alert(/\" + SCRIPT_NAME + \"-\" + unixtime() + \"/);{'\";\n\nexploit = test_cgi_xss(\n port : port,\n dirs : make_list(dir),\n cgi : \"/forgottenpassword.aspx\",\n qs : 'username=' + urlencode(str:xss_test),\n pass_str : xss_test,\n pass_re : 'function PageLoad()',\n silent : TRUE\n);\nif (exploit)\n{\n if (report_verbosity > 0)\n { \n report = \n '\\n' + 'Nessus was able to exploit the issue using the following sequence of' +\n '\\n' + 'URLs :' +\n '\\n' +\n '\\n ' + build_url(port:port, qs:install[\"dir\"]) +\n '\\n ' + build_url(port:port, qs:dir+\"/forgottenpassword.aspx?Username=\"+urlencode(str:xss_test)) +\n '\\n';\n }\n security_warning(port:port, extra:report);\n exit(0);\n}\naudit(AUDIT_WEB_APP_NOT_AFFECTED, \"MailEnable WebMail\", build_url(qs:install[\"dir\"], port:port));\n", "naslFamily": "CGI abuses : XSS", "cpe": ["cpe:/a:mailenable:mailenable"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2019-10-28T20:41:09", "differentElements": ["modified"], "edition": 2}, {"bulletin": {"id": "MAILENABLE_FORGOTTENPASSWORD_XSS.NASL", "hash": "d0ef782034eb1a40821929b00e70ef19eb7b5f8c8ea7b71c45b1027560cb447f", "type": "nessus", "bulletinFamily": "scanner", "title": "MailEnable ForgottenPassword.aspx Username Parameter XSS", "description": "The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The ", "published": "2012-06-19T00:00:00", "modified": "2019-11-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/59569", "reporter": "This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.", "references": ["http://www.nerv.fi/CVE-2012-0389.txt", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"], "cvelist": ["CVE-2012-0389"], "immutableFields": [], "lastseen": "2019-11-01T02:54:53", "history": [], "viewCount": 11, "enchantments": {"dependencies": {"modified": "2019-11-01T02:54:53", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}]}, "score": {"modified": "2019-11-01T02:54:53", "value": 4.9, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "59569", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59569);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2012-0389\");\n script_bugtraq_id(51401);\n script_xref(name:\"EDB-ID\", value:\"18447\");\n\n script_name(english:\"MailEnable ForgottenPassword.aspx Username Parameter XSS\");\n script_summary(english:\"Attempts a non-persistent XSS\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote web server hosts an application that is affected by a\ncross-site scripting vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nerv.fi/CVE-2012-0389.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in\nthe referenced URL.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mailenable:mailenable\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mailenable_webmail_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/mailenable_webmail\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80);\n\ninstall = get_install_from_kb(appname:\"mailenable_webmail\", port:port, exit_on_fail:TRUE);\ndir = install[\"dir\"];\ndir = ereg_replace(pattern:\"^(.*)/[^/]+\\.aspx\", replace:\"\\1\", string:dir);\n\n# Version 4.x will timeout when accessing ForgottenPassword.aspx\n# unless we first establish a new session.\nnew_session = http_send_recv3(method:\"GET\", item:install[\"dir\"], port:port, exit_on_fail:TRUE);\n\n# Versions 4.x\nif ('ForgottenPassword.aspx?Username=\"' >< new_session[2])\n{\n xss_test = '\"};alert(/' + SCRIPT_NAME + '-' + unixtime() + '/);{\"';\n}\n# Versions 5.x/6.x\nelse xss_test = \"'};alert(/\" + SCRIPT_NAME + \"-\" + unixtime() + \"/);{'\";\n\nexploit = test_cgi_xss(\n port : port,\n dirs : make_list(dir),\n cgi : \"/forgottenpassword.aspx\",\n qs : 'username=' + urlencode(str:xss_test),\n pass_str : xss_test,\n pass_re : 'function PageLoad()',\n silent : TRUE\n);\nif (exploit)\n{\n if (report_verbosity > 0)\n { \n report = \n '\\n' + 'Nessus was able to exploit the issue using the following sequence of' +\n '\\n' + 'URLs :' +\n '\\n' +\n '\\n ' + build_url(port:port, qs:install[\"dir\"]) +\n '\\n ' + build_url(port:port, qs:dir+\"/forgottenpassword.aspx?Username=\"+urlencode(str:xss_test)) +\n '\\n';\n }\n security_warning(port:port, extra:report);\n exit(0);\n}\naudit(AUDIT_WEB_APP_NOT_AFFECTED, \"MailEnable WebMail\", build_url(qs:install[\"dir\"], port:port));\n", "naslFamily": "CGI abuses : XSS", "cpe": ["cpe:/a:mailenable:mailenable"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2019-11-01T02:54:53", "differentElements": ["description", "modified", "reporter", "sourceData"], "edition": 3}, {"bulletin": {"id": "MAILENABLE_FORGOTTENPASSWORD_XSS.NASL", "hash": "dbe45efd3db6b909d6d7bfcfe5ee7cf805f46d048c046b4f8b1fbabb4fa84700", "type": "nessus", "bulletinFamily": "scanner", "title": "MailEnable ForgottenPassword.aspx Username Parameter XSS", "description": "The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.", "published": "2012-06-19T00:00:00", "modified": "2020-10-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/59569", "reporter": "This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nerv.fi/CVE-2012-0389.txt", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"], "cvelist": ["CVE-2012-0389"], "immutableFields": [], "lastseen": "2020-10-01T00:36:48", "history": [], "viewCount": 30, "enchantments": {"dependencies": {"modified": "2020-10-01T00:36:48", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2020-10-01T00:36:48", "rev": 2, "value": 5.0, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "59569", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59569);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-0389\");\n script_bugtraq_id(51401);\n script_xref(name:\"EDB-ID\", value:\"18447\");\n\n script_name(english:\"MailEnable ForgottenPassword.aspx Username Parameter XSS\");\n script_summary(english:\"Attempts a non-persistent XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts an application that is affected by a\ncross-site scripting vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nerv.fi/CVE-2012-0389.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in\nthe referenced URL.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mailenable:mailenable\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mailenable_webmail_detect.nasl\");\n script_require_keys(\"www/mailenable_webmail\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80);\n\ninstall = get_install_from_kb(appname:\"mailenable_webmail\", port:port, exit_on_fail:TRUE);\ndir = install[\"dir\"];\ndir = ereg_replace(pattern:\"^(.*)/[^/]+\\.aspx\", replace:\"\\1\", string:dir);\n\n# Version 4.x will timeout when accessing ForgottenPassword.aspx\n# unless we first establish a new session.\nnew_session = http_send_recv3(method:\"GET\", item:install[\"dir\"], port:port, exit_on_fail:TRUE);\n\n# Versions 4.x\nif ('ForgottenPassword.aspx?Username=\"' >< new_session[2])\n{\n xss_test = '\"};alert(/' + SCRIPT_NAME + '-' + unixtime() + '/);{\"';\n}\n# Versions 5.x/6.x\nelse xss_test = \"'};alert(/\" + SCRIPT_NAME + \"-\" + unixtime() + \"/);{'\";\n\nexploit = test_cgi_xss(\n port : port,\n dirs : make_list(dir),\n cgi : \"/forgottenpassword.aspx\",\n qs : 'username=' + urlencode(str:xss_test),\n pass_str : xss_test,\n pass_re : 'function PageLoad()',\n silent : TRUE\n);\nif (exploit)\n{\n if (report_verbosity > 0)\n { \n report = \n '\\n' + 'Nessus was able to exploit the issue using the following sequence of' +\n '\\n' + 'URLs :' +\n '\\n' +\n '\\n ' + build_url(port:port, qs:install[\"dir\"]) +\n '\\n ' + build_url(port:port, qs:dir+\"/forgottenpassword.aspx?Username=\"+urlencode(str:xss_test)) +\n '\\n';\n }\n security_warning(port:port, extra:report);\n exit(0);\n}\naudit(AUDIT_WEB_APP_NOT_AFFECTED, \"MailEnable WebMail\", build_url(qs:install[\"dir\"], port:port));\n", "naslFamily": "CGI abuses : XSS", "cpe": ["cpe:/a:mailenable:mailenable"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-10-01T00:36:48", "differentElements": ["modified", "reporter", "sourceData"], "edition": 4}, {"bulletin": {"id": "MAILENABLE_FORGOTTENPASSWORD_XSS.NASL", "hash": "146d7793d3ec9fe10ae002b7282ffae23a1802c841fba1bbc22728f9abd2c5e2", "type": "nessus", "bulletinFamily": "scanner", "title": "MailEnable ForgottenPassword.aspx Username Parameter XSS", "description": "The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.", "published": "2012-06-19T00:00:00", "modified": "2012-06-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/59569", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nerv.fi/CVE-2012-0389.txt", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"], "cvelist": ["CVE-2012-0389"], "immutableFields": [], "lastseen": "2021-01-20T12:02:11", "history": [], "viewCount": 33, "enchantments": {"dependencies": {"modified": "2021-01-20T12:02:11", "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"], "type": "exploitpack"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "rev": 2}, "score": {"modified": "2021-01-20T12:02:11", "rev": 2, "value": 5.1, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "59569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59569);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0389\");\n script_bugtraq_id(51401);\n script_xref(name:\"EDB-ID\", value:\"18447\");\n\n script_name(english:\"MailEnable ForgottenPassword.aspx Username Parameter XSS\");\n script_summary(english:\"Attempts a non-persistent XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts an application that is affected by a\ncross-site scripting vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nerv.fi/CVE-2012-0389.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in\nthe referenced URL.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mailenable:mailenable\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mailenable_webmail_detect.nasl\");\n script_require_keys(\"www/mailenable_webmail\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80);\n\ninstall = get_install_from_kb(appname:\"mailenable_webmail\", port:port, exit_on_fail:TRUE);\ndir = install[\"dir\"];\ndir = ereg_replace(pattern:\"^(.*)/[^/]+\\.aspx\", replace:\"\\1\", string:dir);\n\n# Version 4.x will timeout when accessing ForgottenPassword.aspx\n# unless we first establish a new session.\nnew_session = http_send_recv3(method:\"GET\", item:install[\"dir\"], port:port, exit_on_fail:TRUE);\n\n# Versions 4.x\nif ('ForgottenPassword.aspx?Username=\"' >< new_session[2])\n{\n xss_test = '\"};alert(/' + SCRIPT_NAME + '-' + unixtime() + '/);{\"';\n}\n# Versions 5.x/6.x\nelse xss_test = \"'};alert(/\" + SCRIPT_NAME + \"-\" + unixtime() + \"/);{'\";\n\nexploit = test_cgi_xss(\n port : port,\n dirs : make_list(dir),\n cgi : \"/forgottenpassword.aspx\",\n qs : 'username=' + urlencode(str:xss_test),\n pass_str : xss_test,\n pass_re : 'function PageLoad()',\n silent : TRUE\n);\nif (exploit)\n{\n if (report_verbosity > 0)\n { \n report = \n '\\n' + 'Nessus was able to exploit the issue using the following sequence of' +\n '\\n' + 'URLs :' +\n '\\n' +\n '\\n ' + build_url(port:port, qs:install[\"dir\"]) +\n '\\n ' + build_url(port:port, qs:dir+\"/forgottenpassword.aspx?Username=\"+urlencode(str:xss_test)) +\n '\\n';\n }\n security_warning(port:port, extra:report);\n exit(0);\n}\naudit(AUDIT_WEB_APP_NOT_AFFECTED, \"MailEnable WebMail\", build_url(qs:install[\"dir\"], port:port));\n", "naslFamily": "CGI abuses : XSS", "cpe": ["cpe:/a:mailenable:mailenable"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-01-20T12:02:11", "differentElements": ["cvss2"], "edition": 5}, {"bulletin": {"id": "MAILENABLE_FORGOTTENPASSWORD_XSS.NASL", "hash": "e47b814f106ee480d6aef884c0a4b7b3", "type": "nessus", "bulletinFamily": "scanner", "title": "MailEnable ForgottenPassword.aspx Username Parameter XSS", "description": "The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.", "published": "2012-06-19T00:00:00", "modified": "2012-06-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/59569", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nerv.fi/CVE-2012-0389.txt", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"], "cvelist": ["CVE-2012-0389"], "immutableFields": [], "lastseen": "2021-07-29T01:18:03", "history": [], "viewCount": 33, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0389"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12142", "SECURITYVULNS:DOC:27554"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103388"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108640"]}, {"type": "exploitdb", "idList": ["EDB-ID:18447", "EDB-ID:36547"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "seebug", "idList": ["SSV:72551"]}], "modified": "2021-07-29T01:18:03", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-07-29T01:18:03", "rev": 2}}, "objectVersion": "1.6", "pluginID": "59569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59569);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0389\");\n script_bugtraq_id(51401);\n script_xref(name:\"EDB-ID\", value:\"18447\");\n\n script_name(english:\"MailEnable ForgottenPassword.aspx Username Parameter XSS\");\n script_summary(english:\"Attempts a non-persistent XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts an application that is affected by a\ncross-site scripting vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nerv.fi/CVE-2012-0389.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in\nthe referenced URL.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mailenable:mailenable\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mailenable_webmail_detect.nasl\");\n script_require_keys(\"www/mailenable_webmail\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80);\n\ninstall = get_install_from_kb(appname:\"mailenable_webmail\", port:port, exit_on_fail:TRUE);\ndir = install[\"dir\"];\ndir = ereg_replace(pattern:\"^(.*)/[^/]+\\.aspx\", replace:\"\\1\", string:dir);\n\n# Version 4.x will timeout when accessing ForgottenPassword.aspx\n# unless we first establish a new session.\nnew_session = http_send_recv3(method:\"GET\", item:install[\"dir\"], port:port, exit_on_fail:TRUE);\n\n# Versions 4.x\nif ('ForgottenPassword.aspx?Username=\"' >< new_session[2])\n{\n xss_test = '\"};alert(/' + SCRIPT_NAME + '-' + unixtime() + '/);{\"';\n}\n# Versions 5.x/6.x\nelse xss_test = \"'};alert(/\" + SCRIPT_NAME + \"-\" + unixtime() + \"/);{'\";\n\nexploit = test_cgi_xss(\n port : port,\n dirs : make_list(dir),\n cgi : \"/forgottenpassword.aspx\",\n qs : 'username=' + urlencode(str:xss_test),\n pass_str : xss_test,\n pass_re : 'function PageLoad()',\n silent : TRUE\n);\nif (exploit)\n{\n if (report_verbosity > 0)\n { \n report = \n '\\n' + 'Nessus was able to exploit the issue using the following sequence of' +\n '\\n' + 'URLs :' +\n '\\n' +\n '\\n ' + build_url(port:port, qs:install[\"dir\"]) +\n '\\n ' + build_url(port:port, qs:dir+\"/forgottenpassword.aspx?Username=\"+urlencode(str:xss_test)) +\n '\\n';\n }\n security_warning(port:port, extra:report);\n exit(0);\n}\naudit(AUDIT_WEB_APP_NOT_AFFECTED, \"MailEnable WebMail\", build_url(qs:install[\"dir\"], port:port));\n", "naslFamily": "CGI abuses : XSS", "cpe": ["cpe:/a:mailenable:mailenable"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-07-29T01:18:03", "differentElements": ["cvss2", "cvss3", "description", "exploitAvailable", "exploitEase", "modified", "patchPublicationDate", "references", "solution", "vpr", "vulnerabilityPublicationDate"], "edition": 6}, {"bulletin": {"id": "MAILENABLE_FORGOTTENPASSWORD_XSS.NASL", "hash": "47b6c41c8b4e8afc4eb77bd6c4e03f90", "type": "nessus", "bulletinFamily": "scanner", "title": "MailEnable ForgottenPassword.aspx Username Parameter XSS", "description": "The webmail client bundled with MailEnable is affected by a cross-site scripting vulnerability in the ForgottenPassword.aspx script. The 'Username' parameter fails to properly sanitize user- supplied input. Successful exploitation would allow an attacker to steal cookies used for webmail access.", "published": "2012-06-19T00:00:00", "modified": "2021-01-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/59569", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nerv.fi/CVE-2012-0389.txt", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0389", "http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"], "cvelist": ["CVE-2012-0389"], "immutableFields": [], "lastseen": "2021-08-11T14:25:23", "history": [], "viewCount": 33, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0389"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12142", "SECURITYVULNS:DOC:27554"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103388"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108640"]}, {"type": "seebug", "idList": ["SSV:72551"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "exploitdb", "idList": ["EDB-ID:18447", "EDB-ID:36547"]}], "modified": "2021-08-11T14:25:23", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-08-11T14:25:23", "rev": 2}}, "objectVersion": "1.6", "pluginID": "59569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59569);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0389\");\n script_bugtraq_id(51401);\n script_xref(name:\"EDB-ID\", value:\"18447\");\n\n script_name(english:\"MailEnable ForgottenPassword.aspx Username Parameter XSS\");\n script_summary(english:\"Attempts a non-persistent XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts an application that is affected by a\ncross-site scripting vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nerv.fi/CVE-2012-0389.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in\nthe referenced URL.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mailenable:mailenable\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mailenable_webmail_detect.nasl\");\n script_require_keys(\"www/mailenable_webmail\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80);\n\ninstall = get_install_from_kb(appname:\"mailenable_webmail\", port:port, exit_on_fail:TRUE);\ndir = install[\"dir\"];\ndir = ereg_replace(pattern:\"^(.*)/[^/]+\\.aspx\", replace:\"\\1\", string:dir);\n\n# Version 4.x will timeout when accessing ForgottenPassword.aspx\n# unless we first establish a new session.\nnew_session = http_send_recv3(method:\"GET\", item:install[\"dir\"], port:port, exit_on_fail:TRUE);\n\n# Versions 4.x\nif ('ForgottenPassword.aspx?Username=\"' >< new_session[2])\n{\n xss_test = '\"};alert(/' + SCRIPT_NAME + '-' + unixtime() + '/);{\"';\n}\n# Versions 5.x/6.x\nelse xss_test = \"'};alert(/\" + SCRIPT_NAME + \"-\" + unixtime() + \"/);{'\";\n\nexploit = test_cgi_xss(\n port : port,\n dirs : make_list(dir),\n cgi : \"/forgottenpassword.aspx\",\n qs : 'username=' + urlencode(str:xss_test),\n pass_str : xss_test,\n pass_re : 'function PageLoad()',\n silent : TRUE\n);\nif (exploit)\n{\n if (report_verbosity > 0)\n { \n report = \n '\\n' + 'Nessus was able to exploit the issue using the following sequence of' +\n '\\n' + 'URLs :' +\n '\\n' +\n '\\n ' + build_url(port:port, qs:install[\"dir\"]) +\n '\\n ' + build_url(port:port, qs:dir+\"/forgottenpassword.aspx?Username=\"+urlencode(str:xss_test)) +\n '\\n';\n }\n security_warning(port:port, extra:report);\n exit(0);\n}\naudit(AUDIT_WEB_APP_NOT_AFFECTED, \"MailEnable WebMail\", build_url(qs:install[\"dir\"], port:port));\n", "naslFamily": "CGI abuses : XSS", "cpe": ["cpe:/a:mailenable:mailenable"], "solution": "Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in the referenced URL.", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.8"}, "exploitAvailable": true, "exploitEase": "No exploit is required", "patchPublicationDate": "2012-01-10T00:00:00", "vulnerabilityPublicationDate": "2012-01-10T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-11T14:25:23", "differentElements": ["nessusSeverity"], "edition": 7}], "viewCount": 33, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0389"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108640"]}, {"type": "exploitdb", "idList": ["EDB-ID:18447", "EDB-ID:36547"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103388"]}, {"type": "seebug", "idList": ["SSV:72551"]}], "modified": "2021-08-19T12:58:23", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-08-19T12:58:23", "rev": 2}}, "objectVersion": "1.6", "pluginID": "59569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59569);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0389\");\n script_bugtraq_id(51401);\n script_xref(name:\"EDB-ID\", value:\"18447\");\n\n script_name(english:\"MailEnable ForgottenPassword.aspx Username Parameter XSS\");\n script_summary(english:\"Attempts a non-persistent XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts an application that is affected by a\ncross-site scripting vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The webmail client bundled with MailEnable is affected by a\ncross-site scripting vulnerability in the ForgottenPassword.aspx\nscript. The 'Username' parameter fails to properly sanitize user-\nsupplied input. Successful exploitation would allow an attacker to\nsteal cookies used for webmail access.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nerv.fi/CVE-2012-0389.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in\nthe referenced URL.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mailenable:mailenable\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mailenable_webmail_detect.nasl\");\n script_require_keys(\"www/mailenable_webmail\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80);\n\ninstall = get_install_from_kb(appname:\"mailenable_webmail\", port:port, exit_on_fail:TRUE);\ndir = install[\"dir\"];\ndir = ereg_replace(pattern:\"^(.*)/[^/]+\\.aspx\", replace:\"\\1\", string:dir);\n\n# Version 4.x will timeout when accessing ForgottenPassword.aspx\n# unless we first establish a new session.\nnew_session = http_send_recv3(method:\"GET\", item:install[\"dir\"], port:port, exit_on_fail:TRUE);\n\n# Versions 4.x\nif ('ForgottenPassword.aspx?Username=\"' >< new_session[2])\n{\n xss_test = '\"};alert(/' + SCRIPT_NAME + '-' + unixtime() + '/);{\"';\n}\n# Versions 5.x/6.x\nelse xss_test = \"'};alert(/\" + SCRIPT_NAME + \"-\" + unixtime() + \"/);{'\";\n\nexploit = test_cgi_xss(\n port : port,\n dirs : make_list(dir),\n cgi : \"/forgottenpassword.aspx\",\n qs : 'username=' + urlencode(str:xss_test),\n pass_str : xss_test,\n pass_re : 'function PageLoad()',\n silent : TRUE\n);\nif (exploit)\n{\n if (report_verbosity > 0)\n { \n report = \n '\\n' + 'Nessus was able to exploit the issue using the following sequence of' +\n '\\n' + 'URLs :' +\n '\\n' +\n '\\n ' + build_url(port:port, qs:install[\"dir\"]) +\n '\\n ' + build_url(port:port, qs:dir+\"/forgottenpassword.aspx?Username=\"+urlencode(str:xss_test)) +\n '\\n';\n }\n security_warning(port:port, extra:report);\n exit(0);\n}\naudit(AUDIT_WEB_APP_NOT_AFFECTED, \"MailEnable WebMail\", build_url(qs:install[\"dir\"], port:port));\n", "naslFamily": "CGI abuses : XSS", "cpe": ["cpe:/a:mailenable:mailenable"], "solution": "Upgrade to MailEnable 5.53 / 6.03 or later.\n\nAlternatively, those with MailEnable 4 can apply the fix provided in the referenced URL.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.8"}, "exploitAvailable": true, "exploitEase": "No exploit is required", "patchPublicationDate": "2012-01-10T00:00:00", "vulnerabilityPublicationDate": "2012-01-10T00:00:00", "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.nessus.NessusBulletin"]}], "exploitpack": [{"lastseen": "2020-04-01T19:04:30", "references": [], "description": "\nMailEnable Webmail - Cross-Site Scripting", "edition": 2, "reporter": "Sajjad Pourali", "exploitpack": {"type": "webapps", "platform": "asp"}, "published": "2012-01-13T00:00:00", "title": "MailEnable Webmail - Cross-Site Scripting", "type": "exploitpack", "enchantments": {"dependencies": {"references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "modified": "2020-04-01T19:04:30", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2020-04-01T19:04:30", "rev": 2}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2012-0389"], "modified": "2012-01-13T00:00:00", "id": "EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6", "href": "", "viewCount": 7, "sourceData": "ME020567: MailEnable webmail cross-site scripting vulnerability (CWE-79)\nReferences: CVE-2012-0389\nDiscovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah\nVendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\nVendor contact: 2012-01-04 09:49:36 UTC\nVendor response: 2012-01-04 10:27:13 UTC (Peter Fregon from MailEnable)\nVendor fix and announcement: 2012-01-10 00:50:31 UTC\n\nVulnerability description:\n\nMailEnable <http://www.mailenable.com/> Professional and Enterprise versions are prone to cross-site scripting vulnerabilities as the user-supplied input received via \"Username\" parameter of \"ForgottonPassword.aspx\" page is not properly sanitized. A specially crafted URL which a user clicks could gain access to the users cookies for webmail or execute other malicious code in users browser in context of the domain in use.\n\nRemote: yes\nAuthentication required: no\nUser interaction required: yes\n\nAffected:\n\n- MailEnable Professional, Enterprise & Premium 4.26 and earlier\n- MailEnable Professional, Enterprise & Premium 5.52 and earlier\n- MailEnable Professional, Enterprise & Premium 6.02 and earlier\n\nNot affected:\n\n- MailEnable Standard is not affected.\n\nPoC:\n\nhttp://server/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username='};alert(/XSS/);{'\n\nResolution:\n\nUsers of MailEnable 5 and 6 can resolve the issue by upgrading to version 5.53 or 6.03 or later. Alternatively, and for version 4 users, the following fix can be applied:\n\n1) Open the ForgottenPassword.aspx file in Notepad. This file is in the Mail Enable\\bin\\NETWebMail\\Mondo\\lang\\[language] folders in version 4 and in Mail Enable\\bin\\NETWebMail\\Mondo\\lang\\sys in version 5 and 6.\n2) Locate and remove the following line, then save the file: document.getElementById(\"txtUsername\").value = '<%= Request.Item(\"Username\") %>';", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "objectVersion": "1.5", "scheme": null, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "history": [{"lastseen": "2020-04-01T19:04:30", "different_elements": ["cvss2"], "edition": 1, "bulletin": {"lastseen": "2020-04-01T19:04:30", "references": [], "description": "\nMailEnable Webmail - Cross-Site Scripting", "edition": 1, "cvss3": {}, "reporter": "Sajjad Pourali", "history": [], "published": "2012-01-13T00:00:00", "enchantments": {"score": {"rev": 2, "modified": "2020-04-01T19:04:30", "vector": "NONE", "value": 5.4}, "dependencies": {"rev": 2, "references": [{"idList": ["OPENVAS:1361412562310103388"], "type": "openvas"}, {"idList": ["CVE-2012-0389"], "type": "cve"}, {"idList": ["PACKETSTORM:108640"], "type": "packetstorm"}, {"idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"], "type": "securityvulns"}, {"idList": ["SSV:72551"], "type": "seebug"}, {"idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"], "type": "nessus"}, {"idList": ["EDB-ID:18447", "EDB-ID:36547"], "type": "exploitdb"}], "modified": "2020-04-01T19:04:30"}}, "title": "MailEnable Webmail - Cross-Site Scripting", "type": "exploitpack", "objectVersion": "1.5", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-0389"], "immutableFields": [], "modified": "2012-01-13T00:00:00", "href": "", "id": "EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6", "viewCount": 6, "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "74ae536aaf674f0825de69fffa02983f", "key": "description"}, {"hash": "dc458864edb54b5f0b4539660f29c6cb", "key": "modified"}, {"hash": "dc1db2ff451981c50032c54bb22011ff", "key": "cvelist"}, {"hash": "3139bf120f3a22b23458a1e87691a51e", "key": "reporter"}, {"hash": "dc458864edb54b5f0b4539660f29c6cb", "key": "published"}, {"hash": "e6563e86d2ba8d51aaf8f54a6b395ff6", "key": "title"}, {"hash": "aca037d6b71a6794ffbc919aafbef6ac", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "hash": "ce9250315e6efcb7e99ed8a5cc73bce4e47f08480d2f91358147cef26b62ac85"}}], "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "dc1db2ff451981c50032c54bb22011ff"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "cvss2", "hash": "25131d66a9f3961140b068f4b41aa42b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "description", "hash": "74ae536aaf674f0825de69fffa02983f"}, {"key": "href", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "dc458864edb54b5f0b4539660f29c6cb"}, {"key": "published", "hash": "dc458864edb54b5f0b4539660f29c6cb"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "3139bf120f3a22b23458a1e87691a51e"}, {"key": "title", "hash": "e6563e86d2ba8d51aaf8f54a6b395ff6"}, {"key": "type", "hash": "aca037d6b71a6794ffbc919aafbef6ac"}], "hash": "3704b76b51ddff7933c47667f71c702b6052ff9ecf96ba350ca0021ad585f46b"}], "seebug": [{"lastseen": "2017-11-19T15:01:04", "modified": "2014-07-01T00:00:00", "description": "No description provided by source.", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "published": "2014-07-01T00:00:00", "_object_type": "robots.models.seebug.SeebugBulletin", "status": "cve,poc", "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2017-11-19T15:01:04", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0389"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27554", "SECURITYVULNS:VULN:12142"]}, {"type": "exploitdb", "idList": ["EDB-ID:36547", "EDB-ID:18447"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103388"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E6563E86D2BA8D51AAF8F54A6B395FF6"]}, {"type": "nessus", "idList": ["MAILENABLE_FORGOTTENPASSWORD_XSS.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108640"]}], "modified": "2017-11-19T15:01:04", "rev": 2}}, "href": "https://www.seebug.org/vuldb/ssvid-72551", "references": [], "history": [], "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "id": "SSV:72551", "title": "MailEnable Webmail Cross-Site Scripting Vulnerability", "bulletinFamily": "exploit", "reporter": "Root", "cvelist": ["CVE-2012-0389"], "viewCount": 9, "sourceData": "\n ME020567: MailEnable webmail cross-site scripting vulnerability (CWE-79)\r\nReferences: CVE-2012-0389\r\nDiscovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah\r\nVendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567\r\nVendor contact: 2012-01-04 09:49:36 UTC\r\nVendor response: 2012-01-04 10:27:13 UTC (Peter Fregon from MailEnable)\r\nVendor fix and announcement: 2012-01-10 00:50:31 UTC\r\n\r\nVulnerability description:\r\n\r\nMailEnable <http://www.mailenable.com/> Professional and Enterprise versions are prone to cross-site scripting vulnerabilities as the user-supplied input received via "Username" parameter of "ForgottonPassword.aspx" page is not properly sanitized. A specially crafted URL which a user clicks could gain access to the users cookies for webmail or execute other malicious code in users browser in context of the domain in use.\r\n\r\nRemote: yes\r\nAuthentication required: no\r\nUser interaction required: yes\r\n\r\nAffected:\r\n\r\n- MailEnable Professional, Enterprise & Premium 4.26 and earlier\r\n- MailEnable Professional, Enterprise & Premium 5.52 and earlier\r\n- MailEnable Professional, Enterprise & Premium 6.02 and earlier\r\n\r\nNot affected:\r\n\r\n- MailEnable Standard is not affected.\r\n\r\nPoC:\r\n\r\nhttp://server/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username='};alert(/XSS/);{'\r\n\r\nResolution:\r\n\r\nUsers of MailEnable 5 and 6 can resolve the issue by upgrading to version 5.53 or 6.03 or later. Alternatively, and for version 4 users, the following fix can be applied:\r\n\r\n1) Open the ForgottenPassword.aspx file in Notepad. This file is in the Mail Enable\\bin\\NETWebMail\\Mondo\\lang\\[language] folders in version 4 and in Mail Enable\\bin\\NETWebMail\\Mondo\\lang\\sys in version 5 and 6.\r\n2) Locate and remove the following line, then save the file: document.getElementById("txtUsername").value = '<%= Request.Item("Username") %>';\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-72551", "type": "seebug", "objectVersion": "1.4"}]}
