CVE-2026-32852 | MailEnable up to 10.54 Webmail Interface FreeBusy.aspx StartDate cross site scripting

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability labeled as problematic has been found in MailEnable up to 10.54. This impacts an unknown function of the file FreeBusy.aspx of the component Webmail Interface. The manipulation of the argument StartDate results in cross site scripting.

This vulnerability is cataloged as CVE-2026-32852. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-32852 | MailEnable up to 10.54 Webmail Interface FreeBusy.aspx StartDate cross site scripting

Post correlati

CVE-2025-62056 | News Event Theme Plugin up to 1.0.1 on WordPress unrestricted upload

CVE-2024-7955 | Starbox Plugin up to 3.5.1 on WordPress Setting cross site scripting

CVE-2024-35662 | Andreas Sofantzis Simple COD Fees for WooCommerce Plugin up to 2.0.2 on WordPress authorization

CVE-2024-36239 | Adobe Experience Manager up to 6.5.20 Link cross site scripting (apsb24-28)