CVE-2025-34403
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: VulnCheck

Description
MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the FieldTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldTo value is not properly sanitized when processed via a GET request and is reflected inside a <script> block in the JavaScript variable var fieldTo. By supplying a crafted payload that terminates the existing Finish() function, inserts attacker-controlled script, and comments out remaining code, a remote attacker can execute arbitrary JavaScript in a victim’s browser when the victim attempts to send an email. Successful exploitation can redirect victims to malicious sites, steal non-HttpOnly cookies, inject arbitrary HTML or CSS, and perform actions as the authenticated user.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-09
Generated
2026-05-07
AI Q&A
2025-12-09
EPSS Evaluated
2026-05-05
NVD
CVE-2025-34403
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
mailenable mailenable 10.54
mailenable mailenable to 10.54 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a reflected cross-site scripting (XSS) issue in MailEnable versions prior to 10.54. It occurs in the FieldTo parameter of the /Mondo/lang/sys/Forms/AddressBook.aspx page. The parameter is not properly sanitized when processed via a GET request and is reflected inside a <script> block in a JavaScript variable. An attacker can craft a payload that breaks out of the existing JavaScript function, inject malicious script, and comment out the rest of the code. This allows the attacker to execute arbitrary JavaScript in the victim's browser when they try to send an email.


How can this vulnerability impact me? :

Exploitation of this vulnerability can allow an attacker to redirect victims to malicious websites, steal cookies that are not marked as HttpOnly, inject arbitrary HTML or CSS, and perform actions on behalf of the authenticated user in the application. This can lead to account compromise, data theft, and further attacks on the victim.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending crafted GET requests to the /Mondo/lang/sys/Forms/AddressBook.aspx page with malicious payloads in the FieldTo parameter and observing if the payload is reflected unsanitized inside the JavaScript variable var fieldTo. Specific commands are not provided in the resources, but a typical approach would be to use tools like curl or a web proxy to send requests such as: curl -G 'http://<target>/Mondo/lang/sys/Forms/AddressBook.aspx' --data-urlencode 'FieldTo=<payload>' and check the response for reflected script injection. [3]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade MailEnable to version 10.54 or later, as this version includes fixes for this reflected XSS vulnerability. Additionally, applying security best practices such as enforcing secure cookies over SSL, input validation, and escaping user inputs in webmail interfaces can help reduce risk. If upgrading immediately is not possible, restricting access to the vulnerable endpoint and monitoring for suspicious activity may help mitigate exploitation. [2, 3]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart