Axigen Mail Server up to 10.3.3.66/10.4.41/10.5.27/10.5.28 themeMode/_h cross site scripting

Summaryinfo

A vulnerability has been found in Axigen Mail Server up to 10.3.3.66/10.4.41/10.5.27/10.5.28 and classified as problematic. Impacted is an unknown function. The manipulation of the argument themeMode/_h leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-50601. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

Detailsinfo

A vulnerability was found in Axigen Mail Server up to 10.3.3.66/10.4.41/10.5.27/10.5.28 and classified as problematic. This issue affects an unknown part. The manipulation of the argument themeMode/_h with an unknown input leads to a cross site scripting vulnerability. Using CWE to declare the problem leads to CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Impacted is integrity. The summary by CVE is:

Persistent and reflected XSS vulnerabilities in the themeMode cookie and _h URL parameter of Axigen Mail Server up to version 10.5.28 allow attackers to execute arbitrary Javascript. Exploitation could lead to session hijacking, data leakage, and further exploitation via a multi-stage attack. Fixed in versions 10.3.3.67, 10.4.42, and 10.5.29.

The advisory is shared at axigen.com. The identification of this vulnerability is CVE-2024-50601 since 10/27/2024. The exploitation is known to be easy. The attack may be initiated remotely. It demands that the victim is doing some kind of user interaction. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1059.007 for this issue.

Upgrading to version 10.3.3.67, 10.4.42, 10.5.28 or 10.5.29 eliminates this vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Type

• Mail Server Software

Vendor

• Axigen

Name

• Mail Server

Version

• 10.3.3.0
• 10.3.3.1
• 10.3.3.2
• 10.3.3.3
• 10.3.3.4
• 10.3.3.5
• 10.3.3.6
• 10.3.3.7
• 10.3.3.8
• 10.3.3.9
• 10.3.3.10
• 10.3.3.11
• 10.3.3.12
• 10.3.3.13
• 10.3.3.14
• 10.3.3.15
• 10.3.3.16
• 10.3.3.17
• 10.3.3.18
• 10.3.3.19
• 10.3.3.20
• 10.3.3.21
• 10.3.3.22
• 10.3.3.23
• 10.3.3.24
• 10.3.3.25
• 10.3.3.26
• 10.3.3.27
• 10.3.3.28
• 10.3.3.29
• 10.3.3.30
• 10.3.3.31
• 10.3.3.32
• 10.3.3.33
• 10.3.3.34
• 10.3.3.35
• 10.3.3.36
• 10.3.3.37
• 10.3.3.38
• 10.3.3.39
• 10.3.3.40
• 10.3.3.41
• 10.3.3.42
• 10.3.3.43
• 10.3.3.44
• 10.3.3.45
• 10.3.3.46
• 10.3.3.47
• 10.3.3.48
• 10.3.3.49
• 10.3.3.50
• 10.3.3.51
• 10.3.3.52
• 10.3.3.53
• 10.3.3.54
• 10.3.3.55
• 10.3.3.56
• 10.3.3.57
• 10.3.3.58
• 10.3.3.59
• 10.3.3.60
• 10.3.3.61
• 10.3.3.62
• 10.3.3.63
• 10.3.3.64
• 10.3.3.65
• 10.3.3.66
• 10.4.0
• 10.4.1
• 10.4.2
• 10.4.3
• 10.4.4
• 10.4.5
• 10.4.6
• 10.4.7
• 10.4.8
• 10.4.9
• 10.4.10
• 10.4.11
• 10.4.12
• 10.4.13
• 10.4.14
• 10.4.15
• 10.4.16
• 10.4.17
• 10.4.18
• 10.4.19
• 10.4.20
• 10.4.21
• 10.4.22
• 10.4.23
• 10.4.24
• 10.4.25
• 10.4.26
• 10.4.27
• 10.4.28
• 10.4.29
• 10.4.30
• 10.4.31
• 10.4.32
• 10.4.33
• 10.4.34
• 10.4.35
• 10.4.36
• 10.4.37
• 10.4.38
• 10.4.39
• 10.4.40
• 10.4.41
• 10.5.0
• 10.5.1
• 10.5.2
• 10.5.3
• 10.5.4
• 10.5.5
• 10.5.6
• 10.5.7
• 10.5.8
• 10.5.9
• 10.5.10
• 10.5.11
• 10.5.12
• 10.5.13
• 10.5.14
• 10.5.15
• 10.5.16
• 10.5.17
• 10.5.18
• 10.5.19
• 10.5.20
• 10.5.21
• 10.5.22
• 10.5.23
• 10.5.24
• 10.5.25
• 10.5.26
• 10.5.27
• 10.5.28

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion