Vulnerability Details CVE-2012-0389
Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.464
EPSS Ranking 97.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html
- http://osvdb.org/78242
- http://secunia.com/advisories/47518
- http://secunia.com/advisories/47562
- http://www.exploit-db.com/exploits/18447
- http://www.mailenable.com/kb/Content/Article.asp?ID=me020567
- http://www.nerv.fi/CVE-2012-0389.txt
- http://www.securityfocus.com/bid/51401
- http://www.securitytracker.com/id?1026519
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72380
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html
- http://osvdb.org/78242
- http://secunia.com/advisories/47518
- http://secunia.com/advisories/47562
- http://www.exploit-db.com/exploits/18447
- http://www.mailenable.com/kb/Content/Article.asp?ID=me020567
- http://www.nerv.fi/CVE-2012-0389.txt
- http://www.securityfocus.com/bid/51401
- http://www.securitytracker.com/id?1026519
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72380
Products affected by CVE-2012-0389
-
cpe:2.3:a:mailenable:mailenable:*
-
cpe:2.3:a:mailenable:mailenable:1.00
-
cpe:2.3:a:mailenable:mailenable:1.01
-
cpe:2.3:a:mailenable:mailenable:1.02
-
cpe:2.3:a:mailenable:mailenable:1.03
-
cpe:2.3:a:mailenable:mailenable:1.04
-
cpe:2.3:a:mailenable:mailenable:1.1
-
cpe:2.3:a:mailenable:mailenable:1.17
-
cpe:2.3:a:mailenable:mailenable:1.18
-
cpe:2.3:a:mailenable:mailenable:1.19
-
cpe:2.3:a:mailenable:mailenable:1.2
-
cpe:2.3:a:mailenable:mailenable:1.21
-
cpe:2.3:a:mailenable:mailenable:1.22
-
cpe:2.3:a:mailenable:mailenable:1.23
-
cpe:2.3:a:mailenable:mailenable:1.24
-
cpe:2.3:a:mailenable:mailenable:1.25
-
cpe:2.3:a:mailenable:mailenable:1.26
-
cpe:2.3:a:mailenable:mailenable:1.2a
-
cpe:2.3:a:mailenable:mailenable:1.5
-
cpe:2.3:a:mailenable:mailenable:1.51
-
cpe:2.3:a:mailenable:mailenable:1.52
-
cpe:2.3:a:mailenable:mailenable:1.53
-
cpe:2.3:a:mailenable:mailenable:1.54
-
cpe:2.3:a:mailenable:mailenable:1.6
-
cpe:2.3:a:mailenable:mailenable:1.7
-
cpe:2.3:a:mailenable:mailenable:1.70
-
cpe:2.3:a:mailenable:mailenable:1.71
-
cpe:2.3:a:mailenable:mailenable:1.72
-
cpe:2.3:a:mailenable:mailenable:1.73
-
cpe:2.3:a:mailenable:mailenable:1.74
-
cpe:2.3:a:mailenable:mailenable:1.75
-
cpe:2.3:a:mailenable:mailenable:1.76
-
cpe:2.3:a:mailenable:mailenable:1.77
-
cpe:2.3:a:mailenable:mailenable:1.78
-
cpe:2.3:a:mailenable:mailenable:1.79
-
cpe:2.3:a:mailenable:mailenable:3.0
-
cpe:2.3:a:mailenable:mailenable:3.01
-
cpe:2.3:a:mailenable:mailenable:3.02
-
cpe:2.3:a:mailenable:mailenable:3.03
-
cpe:2.3:a:mailenable:mailenable:3.04
-
cpe:2.3:a:mailenable:mailenable:3.10
-
cpe:2.3:a:mailenable:mailenable:3.11
-
cpe:2.3:a:mailenable:mailenable:3.12
-
cpe:2.3:a:mailenable:mailenable:3.13
-
cpe:2.3:a:mailenable:mailenable:3.14
-
cpe:2.3:a:mailenable:mailenable:3.5
-
cpe:2.3:a:mailenable:mailenable:3.51
-
cpe:2.3:a:mailenable:mailenable:3.52
-
cpe:2.3:a:mailenable:mailenable:3.53
-
cpe:2.3:a:mailenable:mailenable:3.6
-
cpe:2.3:a:mailenable:mailenable:3.61
-
cpe:2.3:a:mailenable:mailenable:3.62
-
cpe:2.3:a:mailenable:mailenable:3.63
-
cpe:2.3:a:mailenable:mailenable:4.0
-
cpe:2.3:a:mailenable:mailenable:4.01
-
cpe:2.3:a:mailenable:mailenable:4.1
-
cpe:2.3:a:mailenable:mailenable:4.11
-
cpe:2.3:a:mailenable:mailenable:4.12
-
cpe:2.3:a:mailenable:mailenable:4.13
-
cpe:2.3:a:mailenable:mailenable:4.14
-
cpe:2.3:a:mailenable:mailenable:4.15
-
cpe:2.3:a:mailenable:mailenable:4.16
-
cpe:2.3:a:mailenable:mailenable:4.17
-
cpe:2.3:a:mailenable:mailenable:4.2
-
cpe:2.3:a:mailenable:mailenable:4.21
-
cpe:2.3:a:mailenable:mailenable:4.22
-
cpe:2.3:a:mailenable:mailenable:4.23
-
cpe:2.3:a:mailenable:mailenable:4.24
-
cpe:2.3:a:mailenable:mailenable:4.25
-
cpe:2.3:a:mailenable:mailenable:4.26
-
cpe:2.3:a:mailenable:mailenable:5.0
-
cpe:2.3:a:mailenable:mailenable:5.01
-
cpe:2.3:a:mailenable:mailenable:5.02
-
cpe:2.3:a:mailenable:mailenable:5.03
-
cpe:2.3:a:mailenable:mailenable:5.04
-
cpe:2.3:a:mailenable:mailenable:5.05
-
cpe:2.3:a:mailenable:mailenable:5.06
-
cpe:2.3:a:mailenable:mailenable:5.07
-
cpe:2.3:a:mailenable:mailenable:5.10
-
cpe:2.3:a:mailenable:mailenable:5.11
-
cpe:2.3:a:mailenable:mailenable:5.5
-
cpe:2.3:a:mailenable:mailenable:5.51
-
cpe:2.3:a:mailenable:mailenable:5.52
-
cpe:2.3:a:mailenable:mailenable:6.0
-
cpe:2.3:a:mailenable:mailenable:6.01
-
cpe:2.3:a:mailenable:mailenable:6.02