Axigen Mail Server HTML Injection Vulnerability Network Vulnerability

Summary

Axigen Mail Server is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user other attacks are also possible. Axigen Mail Server 6.2.2 is vulnerable other versions may also be affected.

Solution

Reports indicate that fixes are available. Please contact the vendor for more information.

References

http://www.securityfocus.com/bid/34716

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1484
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache mod_proxy_ajp Information Disclosure Vulnerability
Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-03 May-2014
Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability

Take action and discover your vulnerabilities