{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2012-01-12T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"47518","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/47518"},{"name":"1026519","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1026519"},{"name":"51401","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/51401"},{"name":"20120112 ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"},{"name":"78242","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/78242"},{"tags":["x_refsource_MISC"],"url":"http://www.nerv.fi/CVE-2012-0389.txt"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"},{"name":"mailenable-forgottenpassword-xss(72380)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72380"},{"name":"47562","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/47562"},{"name":"18447","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"http://www.exploit-db.com/exploits/18447"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2012-0389","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"47518","refsource":"SECUNIA","url":"http://secunia.com/advisories/47518"},{"name":"1026519","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1026519"},{"name":"51401","refsource":"BID","url":"http://www.securityfocus.com/bid/51401"},{"name":"20120112 ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389","refsource":"BUGTRAQ","url":"http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"},{"name":"78242","refsource":"OSVDB","url":"http://osvdb.org/78242"},{"name":"http://www.nerv.fi/CVE-2012-0389.txt","refsource":"MISC","url":"http://www.nerv.fi/CVE-2012-0389.txt"},{"name":"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567","refsource":"CONFIRM","url":"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"},{"name":"mailenable-forgottenpassword-xss(72380)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72380"},{"name":"47562","refsource":"SECUNIA","url":"http://secunia.com/advisories/47562"},{"name":"18447","refsource":"EXPLOIT-DB","url":"http://www.exploit-db.com/exploits/18447"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T18:23:30.995Z"},"title":"CVE Program Container","references":[{"name":"47518","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/47518"},{"name":"1026519","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1026519"},{"name":"51401","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/51401"},{"name":"20120112 ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://archives.neohapsis.com/archives/bugtraq/2012-01/0090.html"},{"name":"78242","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/78242"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.nerv.fi/CVE-2012-0389.txt"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.mailenable.com/kb/Content/Article.asp?ID=me020567"},{"name":"mailenable-forgottenpassword-xss(72380)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72380"},{"name":"47562","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/47562"},{"name":"18447","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"http://www.exploit-db.com/exploits/18447"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2012-0389","datePublished":"2012-01-24T18:00:00.000Z","dateReserved":"2012-01-04T00:00:00.000Z","dateUpdated":"2024-08-06T18:23:30.995Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}