GFI MailEssentials vulnerabilities

22 known vulnerabilities affecting gfi/mailessentials.

Total CVEs: 22
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 2, MEDIUM 19

Vulnerabilities

Page 1 of 2
CVE-2026-23611 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23611 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the IP Blocklist management page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$txtIPDescription parameter to /MailEssentials/pages/MailSecurity/ipblocklist.aspx, which is stored and later rendered in the manageme…
Source: nvd
CVE-2026-23608 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23608 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Mail Monitoring rule creation endpoint. An authenticated user can supply HTML/JavaScript in the JSON "name" field to /MailEssentials/pages/MailSecurity/MailMonitoring.aspx/Save, which is stored and later rendered in the management interface, allow…
Source: nvd
CVE-2026-23620 | MEDIUM | CVSS 5.3 | fixed in 22.4 | 2026-02-19
CVE-2026-23620 [MEDIUM] CWE-203: GFI MailEssentials AI versions prior to 22.4 contain an arbitrary file existence enumeration vulnerability in the ListServer.IsDBExist() web method exposed at /MailEssentials/pages/MailSecurity/ListServer.aspx/IsDBExist. An authenticated user can supply an unrestricted filesystem path via the JSON key "path", which is URL-decoded and passed to Fil…
Source: nvd
CVE-2026-23610 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23610 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the POP2Exchange configuration endpoint. An authenticated user can supply HTML/JavaScript in the POP3 server login field within the JSON "popServers" payload to /MailEssentials/pages/MailSecurity/POP2Exchange.aspx/Save, which is stored and later rende…
Source: nvd
CVE-2026-23618 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23618 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking (Subject) conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvSubject$TXB_SubjectCondition parameter to /MailEssentials/pages/MailSecurity/ASKeywordChecking.aspx, which is s…
Source: nvd
CVE-2026-23606 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23606 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Advanced Content Filtering rule creation workflow. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$txtRuleName parameter to /MailEssentials/pages/MailSecurity/advancedfiltering.aspx, which is stored and later re…
Source: nvd
CVE-2026-23607 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23607 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Anti-Spam Whitelist management interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$txtDescription parameter to /MailEssentials/pages/MailSecurity/Whitelist.aspx, which is stored and later rendered in the…
Source: nvd
CVE-2026-23614 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23614 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Sender Policy Framework IP Exceptions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv2$txtIPDescription parameter to /MailEssentials/pages/MailSecurity/SenderPolicyFramework.aspx, which is stored and l…
Source: nvd
CVE-2026-23613 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23613 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the URI DNS Blocklist configuration page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXB_URIs parameter to /MailEssentials/pages/MailSecurity/uridnsblocklist.aspx, which is stored and later rendered in the mana…
Source: nvd
CVE-2026-23604 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23604 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Keyword Filtering rule creation workflow. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXB_RuleName parameter to /MailEssentials/pages/MailSecurity/contentchecking.aspx, which is stored and later rendered in…
Source: nvd
CVE-2026-23616 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23616 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Anti-Spoofing configuration page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$AntiSpoofingGeneral1$TxtSmtpDesc parameter to /MailEssentials/pages/MailSecurity/AntiSpoofing.aspx, which is stored and later rendere…
Source: nvd
CVE-2026-23612 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23612 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the IP DNS Blocklist configuration page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXB_IPs parameter to /MailEssentials/pages/MailSecurity/ipdnsblocklist.aspx, which is stored and later rendered in the managem…
Source: nvd
CVE-2026-23617 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23617 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking (Body) conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXB_Condition parameter to /MailEssentials/pages/MailSecurity/ASKeywordChecking.aspx, which is stored and…
Source: nvd
CVE-2026-23605 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23605 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Attachment Filtering rule creation workflow. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXB_RuleName parameter to /MailEssentials/pages/MailSecurity/attachmentchecking.aspx, which is stored and later render…
Source: nvd
CVE-2026-23619 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23619 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Local Domains settings page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$Pv3$txtDescription parameter to /MailEssentials/pages/MailSecurity/general.aspx, which is stored and later rendered in the management inte…
Source: nvd
CVE-2026-23615 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23615 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Sender Policy Framework Email Exceptions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv4$txtEmailDescription parameter to /MailEssentials/pages/MailSecurity/SenderPolicyFramework.aspx, which is stored…
Source: nvd
CVE-2026-23621 | MEDIUM | CVSS 5.3 | fixed in 22.4 | 2026-02-19
CVE-2026-23621 [MEDIUM] CWE-203: GFI MailEssentials AI versions prior to 22.4 contain an arbitrary directory existence enumeration vulnerability in the ListServer.IsPathExist() web method exposed at /MailEssentials/pages/MailSecurity/ListServer.aspx/IsPathExist. An authenticated user can supply an unrestricted filesystem path via the JSON key "path", which is URL-decoded and pass…
Source: nvd
CVE-2026-23609 | MEDIUM | CVSS 5.1 | fixed in 22.4 | 2026-02-19
CVE-2026-23609 [MEDIUM] CWE-79: GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Perimeter SMTP Servers configuration page. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv3$txtDescription parameter to /MailEssentials/pages/MailSecurity/PerimeterSMTPServers.aspx, which is stored and later rend…
Source: nvd
CVE-2025-34489 | HIGH | CVSS 7.8 | fixed in 21.8 | 2025-04-28
CVE-2025-34489 [HIGH] CWE-502: GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service.
Sources: cvelistv5, nvd
CVE-2025-34491 | HIGH | CVSS 8.8 | fixed in 21.8 | 2025-04-28
CVE-2025-34491 [HIGH] CWE-502: GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup.
Sources: cvelistv5, nvd