Описание
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.014:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.015:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.016:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.0.017:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.2:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.2a:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.6:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.12:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.13:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.14:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.15:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.16:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.17:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.18:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.19:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.51:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.52:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.53:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.54:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.82:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.83:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.101:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.102:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.103:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.104:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.105:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.106:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.107:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.108:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.109:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.110:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.111:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.112:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.113:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.114:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.115:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.116:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:2.1:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:2.2:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:2.32:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:2.33:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:2.34:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:2.35:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:2.351:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03049
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
EPSS
Процентиль: 86%
0.03049
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other