Cross-Site Request Forgery Vulnerability in MailEnable Professional
CVE-2007-0652

Currently unrated

Key Information:

Vendor: Mailenable
Status: Mailenable Professional
Vendor: CVE Published:; 15 February 2007

What is CVE-2007-0652?

The vulnerability in MailEnable Professional prior to version 2.37 allows remote attackers to exploit a Cross-site Request Forgery (CSRF) weakness. By leveraging specially crafted links or IMG tags, attackers can manipulate system configurations and execute unauthorized actions, potentially impacting user accounts without their consent. This highlights a critical need for secure coding practices to prevent such exploits.

References

http://securityreason.com/securityalert/2258

third-party-advisoryx_refsource_SREASON

http://secunia.com/advisories/23998

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/460063/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 15, 2007
Vulnerability Reserved
Feb 1, 2007

CVE-2007-0652 Data

JSON

Mailenable

What is CVE-2007-0652?

References

Timeline