Cross-Site Scripting Vulnerability in Axigen Mail Server
CVE-2012-2592

Currently unrated

Key Information:

Vendor: Axigen
Status: Axigen Mail Server
Vendor: CVE Published:; 18 June 2014

What is CVE-2012-2592?

The Axigen Mail Server version 8.0.1 is susceptible to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML through the body of a crafted email. This can result in the execution of malicious scripts in the context of the user’s browser, posing significant security risks. Users and administrators are advised to apply available patches and take necessary measures to mitigate potential exploitation.

References

http://www.securityfocus.com/bid/54899

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/77515

vdb-entryx_refsource_XF

http://www.exploit-db.com/exploits/20348

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability published
Jun 18, 2014
Vulnerability Reserved
May 9, 2012