CVE-2025-34425 | MailEnable up to 10.53 compose.aspx ProcessContextSwitchResult WindowContext cross site scripting

Inserito da Angelo Barbosa | Dic 10, 2025 | CVE

A vulnerability categorized as problematic has been discovered in MailEnable up to 10.53. This affects the function ProcessContextSwitchResult of the file /Mondo/lang/sys/Forms/MAI/compose.aspx. The manipulation of the argument WindowContext results in cross site scripting.

This vulnerability is cataloged as CVE-2025-34425. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2025-34425 | MailEnable up to 10.53 compose.aspx ProcessContextSwitchResult WindowContext cross site scripting

Post correlati

CVE-2023-6438 | IceCMS 2.0.1 Like /WebArticle/articles/ improper enforcement of a single, unique action

CVE-2024-11971 | Guizhou Xiaoma Technology jpress 5.1.2 Avatar upload files cross site scripting

CVE-2024-38503 | Apache Syncope up to 2.1.14/3.0.7 Text Field input validation

CVE-2024-33302 | SourceCodester Product Show Room up to 1.0 Add Users Middle Name cross site scripting