CVE-2026-32851 | MailEnable up to 10.54 Webmail Interface FreeBusy.aspx Attendees cross site scripting

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability identified as problematic has been detected in MailEnable up to 10.54. This affects an unknown function of the file FreeBusy.aspx of the component Webmail Interface. The manipulation of the argument Attendees leads to cross site scripting.

This vulnerability is listed as CVE-2026-32851. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2026-32851 | MailEnable up to 10.54 Webmail Interface FreeBusy.aspx Attendees cross site scripting

Post correlati

CVE-2025-14523 | libsoup HTTP Header Host request smuggling

CVE-2023-52123 | WPChill Strong Testimonials Plugin up to 3.1.10 on WordPress cross-site request forgery

CVE-2023-7075 | code-projects Point of Sales and Inventory Management System 1.0 /main/checkout.php pt cross site scripting

CVE-2024-26450 | Piwigo up to 14.1.x Admin Page batch cross site scripting (GHSA-p362-cfpj-q55f)