Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-40355 PoC — Axigen 跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-40355.yaml
Associated Vulnerability
Title:Axigen 跨站脚本漏洞 (CVE-2023-40355)
Description:Axigen是Axigen公司的一个具有群件和协作功能的邮件服务器。 Axigen存在跨站脚本漏洞。攻击者利用该漏洞执行任意代码并获取敏感信息。以下版本受到影响:10.3.3.0版本至10.3.3.59之前版本、10.4.0版本至10.4.19之前版本、10.5.0版本至10.5.5之前版本。
Description
Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before 10.4.19, and 10.5.0 before 10.5.5, allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.
File Snapshot

 id: CVE-2023-40355

info:
  name: Axigen WebMail - Cross-Site Scripting
  author: amir-h-fallahi
  s

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.