Description
WebAdmin in Axigen 10.3.x before 10.3.3.61, 10.4.x before 10.4.24, and 10.5.x before 10.5.10 allows XSS attacks against admins because of mishandling of viewing the usage of SSL certificates.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Attack Vector
- network
- Complexity
- low
- Privileges
- none
- User Action
- required
- Scope
- changed
- Confidentiality
- low
- Integrity
- low
- Availability
- none
- Weaknesses
- CWE-79CWE-79
Metadata
- Primary Vendor
- AXIGEN
- Published
- 2/8/2024
- Last Modified
- 6/17/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
axigen : axigen_mobile_webmailaxigen : axigen_mobile_webmailaxigen : axigen_mobile_webmail
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.