Axigen: >> Axigen Mail Server >> 10.3.3.52 Security Vulnerabilities
Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter.
CVSS Score
9.6
EPSS Score
0.05
Published
2024-02-08
A 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker to access a mailbox by bypassing 2-Step Verification when they try to add an account to any third-party webmail service (or add an account to Outlook or Gmail, etc.) with IMAP or POP3 without any verification code.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-01-13