Showing 1 - 1 of 1

CVE-2012-0389

Status Candidate

Overview

Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter.

Related Files

MailEnable Webmail Cross Site Scripting: Posted Jan 13, 2012; Authored by Narendra Shinde, Sajjad Pourali, Shahab NamaziKhah; MailEnable Professional and Enterprise versions are prone to cross site scripting vulnerabilities as the user-supplied input received via the "Username" parameter of the "ForgottonPassword.aspx" page is not properly sanitized. Versions 4.2.6 and below, 5.52 and below and 6.02 and below are affected.; tags | exploit, vulnerability, xss; advisories | CVE-2012-0389; SHA-256 | cab4ee58932f48fbb2493be671b4513aaa7da0caa31bfdb2f95731c6adf0d732; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 291 files
Ubuntu 63 files
LiquidWorm 29 files
indoushka 20 files
Debian 19 files
Apple 10 files
Google Security Research 7 files
Chokri Hammedi 3 files
Jann Horn 3 files
Emiliano Febbi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,154)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,795)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,227)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,962)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2012-0389

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems