Cross-Site Scripting Vulnerabilities in MailEnable Professional by MailEnable
CVE-2007-0651

Currently unrated

Key Information:

Vendor

Mailenable

Status
Mailenable Professional
Vendor
CVE Published:
15 February 2007

What is CVE-2007-0651?

MailEnable Professional versions prior to 2.37 are susceptible to multiple cross-site scripting (XSS) vulnerabilities. These flaws allow remote attackers to inject arbitrary JavaScript code through e-mail messages and specific parameters in web scripts such as right.asp, Forms/MAI/list.asp, and Forms/VCF/list.asp. Exploitation of these vulnerabilities can lead to significant security risks, including the theft of sensitive user information and session credentials.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/2258
third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/23998
third-party-advisoryx_refsource_SECUNIA
http://www.mailenable.com/Professional20-ReleaseNotes.txt
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.