Axigen: >> Axigen Mobile Webmail >> 10.5.4 Security Vulnerabilities
WebAdmin in Axigen 10.3.x before 10.3.3.61, 10.4.x before 10.4.24, and 10.5.x before 10.5.10 allows XSS attacks against admins because of mishandling of viewing the usage of SSL certificates.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-02-08
Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before 10.4.19, and 10.5.0 before 10.5.5, allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.
CVSS Score
5.4
EPSS Score
0.267
Published
2024-02-07