SYMPTOMS
MailEnable Professional and Enterprise versions are prone to cross-site scripting vulnerabilities as the user-supplied input received via "Username" parameter of "ForgottonPassword.aspx" page is not properly sanitized (CVE-2012-0389). A specially crafted URL which a user clicks could gain access to the users cookies for webmail. The affected versions of MailEnable are:
MailEnable Professional, Enterprise & Premium
4.26 and earlier
MailEnable Professional, Enterprise & Premium 5.52 and
earlier
MailEnable Professional, Enterprise & Premium 6.02 and
earlier
MailEnable Standard is not affected.
CAUSE
This is caused by the input to the forgotten password page (specifically the username) not being sanitised.
RESOLUTION
Users of MailEnable 5 and 6 can resolve the issue by upgrading to version 5.53 or 6.03 or later. Alternatively, and for version 4 users, the following fix can be applied:
document.getElementById("txtUsername").value = '<%= Request.Item("Username") %>'<%= Request.Item("Username") %>;
REFERENCES
CVE Identifier for this vulnerability is CVE-2012-0389.
Product: | MailEnable |
Category: | Other |
Article: | ME020567 |
Module: | General |
Keywords: | |
Class: | BUG: Product Defect/Bug |
Revised: | Wednesday, May 4, 2016 |
Author: | MailEnable |
Publisher: | MailEnable |