CVE-2007-0651 in Web Mailinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

02/01/2007

Disclosure

02/15/2007

Moderation

VulDB entry created

Entries

3: VDB-85153

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

6.3

EPSS

0.03576

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0651
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0651
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0651/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!