Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Packet Storm
Packet Stormadded 2023/09/08 12:0 a.m.286 views

Axigen 10.5.0–4370c946 Cross Site Scripting

Exploit Title: Axigen if xhr1.readyState === XMLHttpRequest.DONE hcookie = new URLxhr1.responseURL.search.split"="1; xhr2.open'PATCH', /api/v1/conversations/MQ/?h=$hcookie...

6.1CVSS7.1AI score0.52088EPSS
Exploits4
OSV
OSVadded 2022/06/07 9:15 p.m.4 views

CVE-2022-31470

An XSS vulnerability in the indexmobilechangepass.hsp reset-password section of Axigen Mobile WebMail before 10.2.3.12 and 10.3.x before 10.3.3.47 allows attackers to run arbitrary Javascript code that, using an active end-user session for a logged-in user, can access and retrieve mailbox content...

6.1CVSS5.9AI score0.52088EPSS
Exploits4References3
CVE
CVEadded 2022/06/07 12:0 a.m.111 views

CVE-2022-31470

Summary of CVE-2022-31470 : The issue is an XSS vulnerability in Axigen Mobile WebMail (and Axigen WebMail entries in related docs) that allows an attacker with an active user session to execute arbitrary JavaScript and access mailbox content. Concrete details across connected sources indicate tw...

6.1CVSS6.1AI score0.52088EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder