Vulnerability Details CVE-2015-9280
MailEnable before 8.60 allows XXE via an XML document in the request.aspx Options parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.4%
CVSS Severity
CVSS v3 Score 10.0
CVSS v2 Score 5.0
References
- https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt
- https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf
- https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/
- https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt
- https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf
- https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/
Products affected by CVE-2015-9280
-
cpe:2.3:a:mailenable:mailenable:8.00
-
cpe:2.3:a:mailenable:mailenable:8.01
-
cpe:2.3:a:mailenable:mailenable:8.02
-
cpe:2.3:a:mailenable:mailenable:8.03
-
cpe:2.3:a:mailenable:mailenable:8.04
-
cpe:2.3:a:mailenable:mailenable:8.50
-
cpe:2.3:a:mailenable:mailenable:8.51
-
cpe:2.3:a:mailenable:mailenable:8.52
-
cpe:2.3:a:mailenable:mailenable:8.53
-
cpe:2.3:a:mailenable:mailenable:8.54
-
cpe:2.3:a:mailenable:mailenable:8.55
-
cpe:2.3:a:mailenable:mailenable:8.56
-
cpe:2.3:a:mailenable:mailenable:8.57
-
cpe:2.3:a:mailenable:mailenable:8.58
-
cpe:2.3:a:mailenable:mailenable:8.59