2 matches found
CVE-2015-5379
Vulnerability (CVE-2015-5379) : AXIGEN Mail Server’s Ajax WebMail interface (actions.hsp) before version 9.0 is vulnerable to cross-site scripting via crafted HTML attachments viewed in the WebMail “View attachment” function. Root cause: attachments in the Ajax WebMail view execute script/HTML, e...
CVE-2015-5379: Axigen XSS vulnerability for html attachments
CVEID: CVE-2015-5379 SUBJECT: Axigen XSS vulnerability for html attachments DESCRIPTION: Axigen's WebMail Ajax interface implements a view attachment function that executes javascript code that is part of email HTML attachments. This allows a malicious user to craft email messages that could expo...