CVE-2025-34425 | MailEnable up to 10.53 compose.aspx ProcessContextSwitchResult WindowContext cross site scripting

Inserito da Angelo Barbosa | Dic 10, 2025 | CVE

A vulnerability categorized as problematic has been discovered in MailEnable up to 10.53. This affects the function ProcessContextSwitchResult of the file /Mondo/lang/sys/Forms/MAI/compose.aspx. The manipulation of the argument WindowContext results in cross site scripting.

This vulnerability is cataloged as CVE-2025-34425. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2025-34425 | MailEnable up to 10.53 compose.aspx ProcessContextSwitchResult WindowContext cross site scripting

Post correlati

CVE-2024-6176 | LG Electronics LG SuperSign CMS up to 4.3.0 allocation of resources

CVE-2025-0815 | Schneider Electric Enerlin X IFE interface/Enerlin X eIFE ICMPv6 Packet denial of service (SEVD-2025-042-04)

CVE-2025-3794 | WPForms Plugin up to 1.9.5 on WordPress start_timestamp cross site scripting

CVE-2024-3208 | Sydney Toolbox Plugin up to 1.28 on WordPress Filterable Gallery cross site scripting