Axigen Mail Server HTML Injection Vulnerability Network Vulnerability

Summary

Axigen Mail Server is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user other attacks are also possible. Axigen Mail Server 6.2.2 is vulnerable other versions may also be affected.

Solution

Reports indicate that fixes are available. Please contact the vendor for more information.

References

http://www.securityfocus.com/bid/34716

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1484

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Tomcat Login Constraints Security Bypass Vulnerability
Apache Struts2 showcase namespace XSS Vulnerability
Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability
Apache Web Server ETag Header Information Disclosure Weakness
7Media Web Solutions EduTrac Directory Traversal Vulnerability

Take action and discover your vulnerabilities