{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32852", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-16T18:11:41.759Z", "datePublished": "2026-03-23T19:06:41.939Z", "dateUpdated": "2026-05-08T14:00:20.789Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-08T14:00:20.789Z"}, "title": "MailEnable < 10.55 Reflected XSS via FreeBusy.aspx StartDate Parameter", "descriptions": [{"lang": "en", "value": "MailEnable versions prior to\u00a010.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in the FreeBusy.aspx form, which is not properly sanitized before being embedded into dynamically generated JavaScript."}], "datePublic": "2026-03-02T00:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "affected": [{"vendor": "MailEnable", "product": "MailEnable", "versions": [{"status": "affected", "version": "0", "lessThan": "10.55.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"}}], "references": [{"url": "https://www.mailenable.com/rss/article.asp?Source=RSSADMIN&ID=MAILENABLEVERSION1055", "tags": ["vendor-advisory", "patch"]}, {"url": "https://karmainsecurity.com/KIS-2026-05", "tags": ["technical-description", "exploit"]}, {"url": "https://mailenable.com/Standard-ReleaseNotes.txt", "tags": ["release-notes"]}, {"url": "https://www.mailenable.com/", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/mailenable-reflected-xss-via-freebusy-aspx-startdate-parameter", "tags": ["third-party-advisory"]}], "credits": [{"lang": "en", "value": "Egidio Romano", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T14:01:06.225059Z", "id": "CVE-2026-32852", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T15:13:27.501Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32852", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T14:01:06.225059Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T14:01:07.302Z"}}], "cna": {"title": "MailEnable < 10.55 Reflected XSS via FreeBusy.aspx StartDate Parameter", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Egidio Romano"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MailEnable", "product": "MailEnable", "versions": [{"status": "affected", "version": "0", "lessThan": "10.55.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-02T00:00:00.000Z", "references": [{"url": "https://www.mailenable.com/rss/article.asp?Source=RSSADMIN&ID=MAILENABLEVERSION1055", "tags": ["vendor-advisory", "patch"]}, {"url": "https://karmainsecurity.com/KIS-2026-05", "tags": ["technical-description", "exploit"]}, {"url": "https://mailenable.com/Standard-ReleaseNotes.txt", "tags": ["release-notes"]}, {"url": "https://www.mailenable.com/", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/mailenable-reflected-xss-via-freebusy-aspx-startdate-parameter", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "MailEnable versions prior to\u00a010.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in the FreeBusy.aspx form, which is not properly sanitized before being embedded into dynamically generated JavaScript."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-08T14:00:20.789Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32852", "state": "PUBLISHED", "dateUpdated": "2026-05-08T14:00:20.789Z", "dateReserved": "2026-03-16T18:11:41.759Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-23T19:06:41.939Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mailenable:mailenable:*:*:*:*:standard:*:*:*", "matchCriteriaId": "F962A848-7090-4A82-B642-8A21C594060E", "versionEndExcluding": "10.55", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "MailEnable versions prior to\u00a010.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in the FreeBusy.aspx form, which is not properly sanitized before being embedded into dynamically generated JavaScript."}, {"lang": "es", "value": "MailEnable versiones anteriores a 10.55 contienen una vulnerabilidad de cross-site scripting reflejado en la interfaz de webmail que permite a atacantes remotos ejecutar JavaScript arbitrario en el navegador de una v\u00edctima mediante la creaci\u00f3n de una URL maliciosa. Los atacantes pueden inyectar c\u00f3digo malicioso a trav\u00e9s del par\u00e1metro StartDate en el formulario FreeBusy.aspx, el cual no se sanea correctamente antes de ser incrustado en JavaScript generado din\u00e1micamente."}], "id": "CVE-2026-32852", "lastModified": "2026-03-30T14:29:09.667", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-23T20:16:27.197", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://karmainsecurity.com/KIS-2026-05"}, {"source": "disclosure@vulncheck.com", "tags": ["Release Notes"], "url": "https://mailenable.com/Standard-ReleaseNotes.txt"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://www.mailenable.com/"}, {"source": "disclosure@vulncheck.com", "tags": ["Release Notes"], "url": "https://www.mailenable.com/rss/article.asp?Source=RSSADMIN&ID=MAILENABLEVERSION1055"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/mailenable-reflected-xss-via-freebusy-aspx-startdate-parameter"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,10.55)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "MailEnable", "source": "cna", "vendor": "MailEnable"}, "product": "mailenable", "vendor": "mailenable"}], "analysis": {"en": {"generated_at": "2026-03-30T17:30:22.776776+00:00", "value": {"mitigation_remediation": ["Update MailEnable to version 10.55 or later to eliminate the reflected XSS flaw.", "Confirm that the FreeBusy.aspx page no longer echoes the StartDate value before deploying the new version.", "If an immediate update is unavailable, avoid accessing URLs that include the StartDate parameter and monitor for vendor patches."], "summary": {"action": "Patch", "impact": "Client-side script execution"}, "threat_synthesis": {"affected_systems": "This vulnerability impacts all MailEnable installations running any version prior to 10.55. The flaw is located in the webmail interface component FreeBusy.aspx and is not limited to specific product editions.", "description_and_impact": "MailEnable versions earlier than 10.55 contain a reflected cross-site scripting vulnerability in the FreeBusy.aspx page. The flaw allows a remote attacker to construct a URL that injects arbitrary JavaScript into the StartDate parameter, which is echoed into client-side code without proper sanitization. When a user visits the crafted link, the malicious script runs in that user\u2019s browser, enabling client-side attacks such as redirecting the user or manipulating the browsing context.", "risk_and_exploitability": "The CVSS base score of 5.1 indicates moderate severity, while the EPSS score of less than 1% suggests the likelihood of exploitation is low. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Exploitation requires only a maliciously crafted URL; no authentication or local privileges are needed, making the attack vector remote client interaction."}}}}, "created": "2026-03-24T10:33:04.911103+00:00", "updated": "2026-03-30T20:58:13.466590+00:00", "vendors": ["mailenable", "mailenable$PRODUCT$mailenable"]}