
Tran Quang Vu

Researcher at FPT Software
#18016 of 53,635
15 total CVSS
Vulnerabilities · 2
High · 2
PT-2023-27529
7.5
2023-08-25
Unknown · Mailform Pro Cgi · CVE-2023-40599
**Name of the Vulnerable Software and Affected Versions**
Mailform Pro CGI versions 4.3.1.3 and earlier

**Description**
A Regular expression Denial-of-Service (ReDoS) issue exists in multiple add-ons for Mailform Pro CGI, allowing a remote unauthenticated attacker to cause a denial-of-service condition. The affected add-ons include `call/call.js`, `prefcodeadv/search.cgi`, `estimate/estimate.js`, `search/search.js`, `suggest/suggest.js`, and `coupon/coupon.js`.

**Recommendations**
For Mailform Pro CGI versions 4.3.1.3 and earlier, consider disabling the affected add-ons, specifically `call.js`, `search.cgi`, `estimate.js`, `search.js`, `suggest.js`, and `coupon.js`, until a patch is available. Restrict access to these add-ons to minimize the risk of exploitation.

PT-2023-23910
7.5
2023-06-29
Unknown · Mailform Pro Cgi · CVE-2023-32610
**Name of the Vulnerable Software and Affected Versions**
Mailform Pro CGI versions 4.3.1.2 and earlier

**Description**
The issue allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition.

**Recommendations**
For Mailform Pro CGI versions 4.3.1.2 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.