Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail Server before 9.0 allows remote attackers to inject arbitrary web script or HTML via an email attachment.
References 4 Total
- https://www.axigen.com/knowledgebase/Ajax-WebMail-8-x-security-patch-CVE-2015-5379-_341.html
- http://packetstormsecurity.com/files/132764/Axigen-Cross-Site-Scripting.html
- securityfocus.com: 20150721 CVE-2015-5379: Axigen XSS vulnerability for html attachments mailing-list
- https://blogs.securiteam.com/index.php/archives/2534
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- https://www.axigen.com/knowledgebase/Ajax-WebMail-8-x-security-patch-CVE-2015-5379-_341.html x_transferred
- http://packetstormsecurity.com/files/132764/Axigen-Cross-Site-Scripting.html x_transferred
- securityfocus.com: 20150721 CVE-2015-5379: Axigen XSS vulnerability for html attachments mailing-listx_transferred
- https://blogs.securiteam.com/index.php/archives/2534 x_transferred