CVE-2025-34490 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An authenticated and remote attacker can send crafted HTTP request…
Medium CVSS: 6.5

CVE-2025-34490

GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An authenticated and remote attacker can send crafted HTTP requests to read arbitrary system files.
Vendor
Gfi
Product
Mailessentials
CWE
CWE-611
Yayın Tarihi
2025-04-28 19:15:47
Güncelleme
2025-11-04 23:15:36
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-611 Mailessentials MEDIUM Gfi 2025

Referanslar

https://frycos.github.io/vulns4free/2025/04/28/mailessentials.html https://gfi.ai/products-and-solutions/network-security-solutions/mailessentials/resources/documentation/product-releases https://www.vulncheck.com/advisories/gfi-mailessentials-xxe-arbitrary-file-read