Vulnerabilities (CVE)

Filtered by vendor Axigen Subscribe
Filtered by product Axigen Mobile Webmail
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-49101 1 Axigen 1 Axigen Mobile Webmail 2024-11-21 N/A 6.1 MEDIUM
WebAdmin in Axigen 10.3.x before 10.3.3.61, 10.4.x before 10.4.24, and 10.5.x before 10.5.10 allows XSS attacks against admins because of mishandling of viewing the usage of SSL certificates.
CVE-2023-40355 1 Axigen 1 Axigen Mobile Webmail 2024-11-21 N/A 5.4 MEDIUM
Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before 10.4.19, and 10.5.0 before 10.5.5, allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.
CVE-2022-31470 1 Axigen 1 Axigen Mobile Webmail 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An XSS vulnerability in the index_mobile_changepass.hsp reset-password section of Axigen Mobile WebMail before 10.2.3.12 and 10.3.x before 10.3.3.47 allows attackers to run arbitrary Javascript code that, using an active end-user session (for a logged-in user), can access and retrieve mailbox content.