Vulnerabilities > Mailenable > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-08 | CVE-2019-12927 | Cross-site Scripting vulnerability in Mailenable MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting (XSS) attacks. | 6.1 |
| 2019-07-08 | CVE-2019-12923 | Cross-Site Request Forgery (CSRF) vulnerability in Mailenable In MailEnable Enterprise Premium 10.23, the potential cross-site request forgery (CSRF) protection mechanism was not implemented correctly and it was possible to bypass it by removing the anti-CSRF token parameter from the request. | 6.5 |
| 2019-01-16 | CVE-2015-9279 | Cross-site Scripting vulnerability in Mailenable MailEnable before 8.60 allows Stored XSS via malformed use of "<img/src" with no ">" character in the body of an e-mail message. | 6.1 |