← back
CVE-2015-5379

CVE-2015-5379

EPSS 1.6%
Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail Server before 9.0 allows remote attackers to inject arbitrary web script or HTML via an email attachment.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/132764/Axigen-Cross-Site-Scripting.htmlhttps://blogs.securiteam.com/index.php/archives/2534https://www.axigen.com/knowledgebase/Ajax-WebMail-8-x-security-patch-CVE-2015-5379-_341.htmlhttp://www.securityfocus.com/archive/1/536046/100/0/threaded