MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the users settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mailenable_professional | Mailenable | 1.7 (including) | 1.7 (including) |
Mailenable_professional | Mailenable | 1.71 (including) | 1.71 (including) |
Mailenable_professional | Mailenable | 1.72 (including) | 1.72 (including) |
Mailenable_professional | Mailenable | 1.73 (including) | 1.73 (including) |
Mailenable_professional | Mailenable | 1.74 (including) | 1.74 (including) |
Mailenable_professional | Mailenable | 1.75 (including) | 1.75 (including) |
Mailenable_professional | Mailenable | 1.76 (including) | 1.76 (including) |
Mailenable_professional | Mailenable | 1.77 (including) | 1.77 (including) |