CVE-2025-34400
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-09
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mailenable | mailenable | 10.54 |
| mailenable | mailenable | to 10.54 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by sending crafted GET requests to the /Mondo/lang/sys/Forms/AddressBook.aspx endpoint with malicious payloads in the AddressesTo parameter and observing if the response reflects the payload within a <script> block without proper sanitization. For example, using curl or similar tools, you can run a command like: curl -v "http://<target>/Mondo/lang/sys/Forms/AddressBook.aspx?AddressesTo=<script>alert(1)</script>" and check if the response contains the injected script. Detection involves verifying if the input is improperly reflected and executed in the response, indicating the presence of the reflected XSS vulnerability. [2]
Can you explain this vulnerability to me?
This vulnerability is a reflected cross-site scripting (XSS) issue in MailEnable versions prior to 10.54. It occurs in the AddressesTo parameter of the /Mondo/lang/sys/Forms/AddressBook.aspx page. The parameter is not properly sanitized when processed via a GET request and is reflected inside a <script> block in the response. An attacker can craft a payload that breaks out of the existing JavaScript function, injects malicious script, and comments out the remaining code. This allows the attacker to execute arbitrary JavaScript in the victim's browser when the victim tries to send an email.
How can this vulnerability impact me? :
Exploitation of this vulnerability can allow a remote attacker to execute arbitrary JavaScript in the victim's browser. This can lead to redirecting victims to malicious websites, stealing non-HttpOnly cookies, injecting arbitrary HTML or CSS, and performing actions on behalf of the authenticated user, potentially compromising user accounts and data.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade MailEnable to version 10.54 or later, where this reflected XSS vulnerability in the AddressesTo parameter has been fixed. Additionally, applying any available patches or updates that address webmail XSS vulnerabilities is recommended. Until the update is applied, consider restricting access to the vulnerable endpoint, implementing web application firewall (WAF) rules to block malicious payloads targeting the AddressesTo parameter, and educating users to be cautious of suspicious links that may exploit this vulnerability. [2, 3]