Page 2 of 7 results (0.001 seconds)

CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0

Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail Server before 9.0 allows remote attackers to inject arbitrary web script or HTML via an email attachment. Vulnerabilidad Cross-Site Scripting (XSS) en actions.hsp en la interfaz de Ajax WebMail en AXIGEN Mail Server en versiones anteriores a la 9.0 permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante un archivo adjunto en un correo. • http://packetstormsecurity.com/files/132764/Axigen-Cross-Site-Scripting.html http://www.securityfocus.com/archive/1/536046/100/0/threaded https://blogs.securiteam.com/index.php/archives/2534 https://www.axigen.com/knowledgebase/Ajax-WebMail-8-x-security-patch-CVE-2015-5379-_341.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3

Cross-site scripting (XSS) vulnerability in Axigen Mail Server 8.0.1 allows remote attackers to inject arbitrary web script or HTML via the body of an email. Vulnerabilidad de XSS en Axigen Mail Server 8.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del cuerpo de un email. Axigen Mail Server version 8.0.1 suffers from a stored cross site scripting vulnerability. • https://www.exploit-db.com/exploits/20348 http://osvdb.org/84526 http://www.exploit-db.com/exploits/20348 http://www.securityfocus.com/bid/54899 https://exchange.xforce.ibmcloud.com/vulnerabilities/77515 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •