Unrated severityNVD Advisory· Published Jul 8, 2019· Updated Aug 4, 2024
CVE-2019-12927
CVE-2019-12927
Description
MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting (XSS) attacks. Because the session cookie did not use the HttpOnly flag, it was possible to hijack the session cookie by exploiting this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- MailEnable/MailEnable Enterprise Premiumdescription
- Range: =10.23
Patches
Vulnerability mechanics
References
2- www.mailenable.com/Premium-ReleaseNotes.txtmitrex_refsource_CONFIRM
- www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-mailenable/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.