Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2012-0389
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4.3/10
- Exploit Score
- 8.6/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- None
- Integrity Impact
- Partial
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.73:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.52:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.5:*:professional:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.2a:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.17:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.70:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.71:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.74:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:*:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.76:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.54:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.53:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.79:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.6:*:professional:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.77:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.19:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.18:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.72:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.52:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.51:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.7:*:professional:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.2:*:professional:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.25:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.75:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.78:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.26:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:*:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.23:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.24:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.25:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.52:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.25:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.02:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.22:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.1:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.03:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.2:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.00:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.04:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.21:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:1.01:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.21:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.24:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.1:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.23:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:*:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.22:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.25:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:4.2:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.11:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.02:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.07:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.03:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.51:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.5:*:professional:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.06:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.05:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.04:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.10:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.52:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.01:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.0:*:professional:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.07:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.5:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.52:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.02:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.03:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.11:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.06:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.10:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.0:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.01:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.05:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.04:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.51:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.51:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.10:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.06:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.05:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.5:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.01:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.04:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.0:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.52:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.02:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.07:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.03:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:5.11:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.0:*:professional:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.02:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.01:*:professional:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.0:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.01:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.02:*:enterprise:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.0:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.01:*:premium:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:mailenable:mailenable:6.02:*:premium:*:*:*:*:* |
Yes
|
- | - |
References
- http://www.mailenable.com/kb/Content/Article.asp?ID=me020567
- http://www.securitytracker.com/id?1026519
- http://secunia.com/advisories/47562
- http://osvdb.org/78242
- http://www.securityfocus.com/bid/51401
- http://www.nerv.fi/CVE-2012-0389.txt
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html
- http://secunia.com/advisories/47518
- http://www.exploit-db.com/exploits/18447
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72380