CVE-2012-2588
MailEnable Enterprise 6.5 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, or (3) Subject header or (4) body in an SMTP e-mail message.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by loneferret · pythonwebappswindows
https://www.exploit-db.com/exploits/20351
References (5)
Scores
EPSS
0.0041
EPSS Percentile
61.2%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
mailenable/mailenable
Timeline
Published
Sep 19, 2014
Tracked Since
Feb 18, 2026