Axigen Mail Server ‘Body’ Field HTML Injection Vulnerability


Axigen Mail Server is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input.


The original article can be found at:


Vulnerable Systems:
 *Axigen Mail Server ‘Body’ Field HTML Injection Vulnerability

Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and control how the site is rendered to the user; other attacks are also possible.Axigen Mail Server 8.0.1 is vulnerable; other versions may also be affected. .

Vendor Status:
Vendor as issued an updated vulnerability.

CVE Information:

Disclosure Timeline:
Initial Release: Published: Aug 08 2012

Categories: News