CVE-2025-34401 | MailEnable up to 10.53 AddressBook.aspx LoadCurAddresses FieldBcc cross site scripting

A vulnerability was found in MailEnable up to 10.53. It has been declared as problematic. Affected is the function LoadCurAddresses of the file /Mondo/lang/sys/Forms/AddressBook.aspx. Executing manipulation of the argument FieldBcc can lead to cross site scripting.

This vulnerability appears as CVE-2025-34401. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More