Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mailenable_professional | Mailenable | 1.107 | 1.107 |
| Mailenable_professional | Mailenable | 1.14 | 1.14 |
| Mailenable_professional | Mailenable | 2.33 | 2.33 |
| Mailenable_professional | Mailenable | 1.101 | 1.101 |
| Mailenable_professional | Mailenable | 1.52 | 1.52 |
| Mailenable_professional | Mailenable | 1.15 | 1.15 |
| Mailenable_professional | Mailenable | 1.115 | 1.115 |
| Mailenable_professional | Mailenable | 1.17 | 1.17 |
| Mailenable_professional | Mailenable | 1.106 | 1.106 |
| Mailenable_professional | Mailenable | 1.0.007 | 1.0.007 |
| Mailenable_professional | Mailenable | 1.111 | 1.111 |
| Mailenable_professional | Mailenable | 1.108 | 1.108 |
| Mailenable_professional | Mailenable | 1.18 | 1.18 |
| Mailenable_professional | Mailenable | 1.7 | 1.7 |
| Mailenable_professional | Mailenable | 1.116 | 1.116 |
| Mailenable_professional | Mailenable | 1.5 | 1.5 |
| Mailenable_professional | Mailenable | 1.114 | 1.114 |
| Mailenable_professional | Mailenable | 1.72 | 1.72 |
| Mailenable_professional | Mailenable | 1.0.016 | 1.0.016 |
| Mailenable_professional | Mailenable | 1.83 | 1.83 |
| Mailenable_professional | Mailenable | 1.0.011 | 1.0.011 |
| Mailenable_professional | Mailenable | 1.103 | 1.103 |
| Mailenable_professional | Mailenable | 1.102 | 1.102 |
| Mailenable_professional | Mailenable | 1.0.006 | 1.0.006 |
| Mailenable_professional | Mailenable | 1.0.008 | 1.0.008 |
| Mailenable_professional | Mailenable | 1.0.005 | 1.0.005 |
| Mailenable_professional | Mailenable | 1.19 | 1.19 |
| Mailenable_professional | Mailenable | 1.0.004 | 1.0.004 |
| Mailenable_professional | Mailenable | 1.82 | 1.82 |
| Mailenable_professional | Mailenable | 1.0.014 | 1.0.014 |
| Mailenable_professional | Mailenable | 1.0.010 | 1.0.010 |
| Mailenable_professional | Mailenable | 2.0 | 2.0 |
| Mailenable_professional | Mailenable | 1.2a | 1.2a |
| Mailenable_professional | Mailenable | 2.35 | 2.35 |
| Mailenable_professional | Mailenable | 1.0.012 | 1.0.012 |
| Mailenable_professional | Mailenable | 1.109 | 1.109 |
| Mailenable_professional | Mailenable | 1.51 | 1.51 |
| Mailenable_professional | Mailenable | 1.0.017 | 1.0.017 |
| Mailenable_professional | Mailenable | 2.34 | 2.34 |
| Mailenable_professional | Mailenable | 1.113 | 1.113 |
| Mailenable_professional | Mailenable | 2.32 | 2.32 |
| Mailenable_professional | Mailenable | 1.54 | 1.54 |
| Mailenable_professional | Mailenable | 1.16 | 1.16 |
| Mailenable_professional | Mailenable | 1.105 | 1.105 |
| Mailenable_professional | Mailenable | 1.2 | 1.2 |
| Mailenable_professional | Mailenable | 1.0.013 | 1.0.013 |
| Mailenable_professional | Mailenable | 1.12 | 1.12 |
| Mailenable_professional | Mailenable | 1.0.015 | 1.0.015 |
| Mailenable_professional | Mailenable | 1.13 | 1.13 |
| Mailenable_professional | Mailenable | 2.2 | 2.2 |
| Mailenable_professional | Mailenable | 1.104 | 1.104 |
| Mailenable_professional | Mailenable | 1.110 | 1.110 |
| Mailenable_professional | Mailenable | 1.84 | 1.84 |
| Mailenable_professional | Mailenable | 1.112 | 1.112 |
| Mailenable_professional | Mailenable | 1.53 | 1.53 |
| Mailenable_professional | Mailenable | 2.351 | 2.351 |
| Mailenable_professional | Mailenable | 2.1 | 2.1 |
| Mailenable_professional | Mailenable | 1.6 | 1.6 |
| Mailenable_professional | Mailenable | 1.0.009 | 1.0.009 |
| Mailenable_professional | Mailenable | 1.73 | 1.73 |
| Mailenable_professional | Mailenable | 1.1 | 1.1 |