← back
CVE-2025-44148

CVE-2025-44148

CVSS 9.8 CRITICALEPSS 54.4%CWE-79
Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to execute arbitrary code via the failure.aspx component
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
public PoCs found1
githubgithub.com/barisbaydur/CVE-2025-441483
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://mailenable.comhttps://github.com/barisbaydur/CVE-2025-44148