RSS: MailEnable CVE-2025-44148 Fix
MailEnable versions 10.53 and earlier are vulnerable to a reflected cross-site scripting (XSS) issue in the webmail interface. This vulnerability could allow an attacker to execute malicious scripts if a logged-in user clicks a specially crafted link.
A patch addressing this issue is available at:
https://www.mailenable.com/hotfix/failure.zip
Extract the zip file to:
Mail Enable\bin\NETWebMail\Mondo\lang\sys
MORE INFORMATION
https://www.cve.org/CVERecord?id=CVE-2025-44148.
If you have any questions in relation to this issue, please contact sales@mailenable.com
Product: MailEnable
Version: All Versions
Revision Date: Wed, 30 Jul 2025 08:16:56 -0400
Version: All Versions
Revision Date: Wed, 30 Jul 2025 08:16:56 -0400
- Mail Server
- Overview
- Features
- Comparisons
- Solutions
- Product Editions
- Feature Matrix
- Webmail Demo
- Video Gallery
- Migrate To MailEnable
- Testimonials
© 2026 MailEnable