MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
2007-01-29T16:28:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 4.0 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mailenable | mailenable_professional | 1.7 | Yes |
| Application | mailenable | mailenable_professional | 1.71 | Yes |
| Application | mailenable | mailenable_professional | 1.72 | Yes |
| Application | mailenable | mailenable_professional | 1.73 | Yes |
| Application | mailenable | mailenable_professional | 1.74 | Yes |
| Application | mailenable | mailenable_professional | 1.75 | Yes |
| Application | mailenable | mailenable_professional | 1.76 | Yes |
| Application | mailenable | mailenable_professional | 1.77 | Yes |