Axigen Mail Server
cpe:2.3:a:axigen:axigen_mail_server:*:*:*:*:*:*:*
- ~10.3
- ~10.4
- ~10.5
A stored Cross-Site Scripting (XSS) vulnerability has been identified in Axigen Mail Server versions 10.3.x, 10.4.x, and 10.5.x prior to 10.5.57, as well as in Axigen 10.6.x prior to 10.6.26. This vulnerability exists within the WebAdmin interface, where low-privileged administrators can inject malicious JavaScript that executes in the context of high-privileged administrator sessions, leading to unauthorized actions. Three specific instances of this vulnerability have been documented: 1) Log file name parameter in the Local Services Log page, 2) Certificate file content in the SSL Certificates View Usage feature, and 3) Certificate File name parameter in the WebMail Listeners SSL settings.
Because the injected script is stored server-side and rendered by the WebAdmin interface, it executes in the browser of any administrator who views the affected page. When that viewer is a higher-privileged administrator, the script runs inside that administrator's authenticated session and can issue WebAdmin requests on their behalf, so a low-privileged administrator can effectively escalate privilege by having actions performed that their own account is not authorized to perform.
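The following is an added illustration of the bug class described above, written for this page; it is not Axigen's code and is not taken from the advisory. The template, field names, the `/hypothetical/admin-api` endpoint and the stored sample values are constructed assumptions: they show how a stored admin-supplied value (a log file name, a certificate file name, or certificate file content) becomes XSS when concatenated into HTML, and what the hardened rendering looks like.

```javascript
// Added illustration, not Axigen's code. Template, field names, endpoint
// and sample values are constructed assumptions for this example.

// Constructed sample of a value a low-privileged admin might save as a log
// file name. The double quote closes the attribute it lands in; the rest
// injects a script that runs in whichever admin's browser renders the page.
const STORED_LOG_FILE_NAME =
  'smtp.log"><script>fetch("/hypothetical/admin-api")</script>';

// Constructed sample of certificate file content. PEM is legitimate data,
// not a "name", so allowlisting is not an option here; output encoding is.
const STORED_CERT_CONTENT =
  '-----BEGIN CERTIFICATE-----\nMIIB<script>alert(1)</script>\n-----END CERTIFICATE-----';

// Vulnerable pattern: the stored value is concatenated straight into HTML,
// once in an attribute context and once in a text context.
function renderLogRowVulnerable(fileName) {
  return '<tr><td><input name="logfile" value="' + fileName + '"></td>' +
         '<td>' + fileName + '</td></tr>';
}

// HTML entity encoding, sufficient for text nodes and double-quoted
// attribute values (the two contexts used in this example).
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, ch => map[ch]);
}

// Hardened pattern: encode at the point of output, for each context.
function renderLogRowHardened(fileName) {
  const safe = escapeHtml(fileName);
  return '<tr><td><input name="logfile" value="' + safe + '"></td>' +
         '<td>' + safe + '</td></tr>';
}

// Certificate content shown in a <pre> block: the same encoding applies,
// and the PEM stays readable because newlines and dashes are untouched.
function renderCertViewHardened(pem) {
  return '<pre class="cert">' + escapeHtml(pem) + '</pre>';
}

// Defence in depth for the two *file name* parameters: a file name has no
// business containing markup, so reject it on input as well as encoding
// it on output. The character set is an assumption for this example.
const SAFE_FILE_NAME = /^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$/;
function isSafeFileName(name) {
  return SAFE_FILE_NAME.test(name) && !name.includes('..');
}

// Crude regression check: count <script tags that survived into the
// rendered markup. Zero for the hardened renderers, non-zero for the
// vulnerable one.
function scriptTagCount(html) {
  return (html.match(/<script\b/gi) || []).length;
}

// Demo when run directly with node.
if (typeof require !== 'undefined' && require.main === module) {
  console.log('vulnerable :', scriptTagCount(renderLogRowVulnerable(STORED_LOG_FILE_NAME)), '<script> tag(s)');
  console.log('hardened   :', scriptTagCount(renderLogRowHardened(STORED_LOG_FILE_NAME)), '<script> tag(s)');
  console.log('cert view  :', scriptTagCount(renderCertViewHardened(STORED_CERT_CONTENT)), '<script> tag(s)');
  console.log('file name accepted on input?', isSafeFileName(STORED_LOG_FILE_NAME));
}
```

The point of the two controls is that they fail independently: input validation is only possible where the value has a known shape (a file name), whereas certificate content must be accepted as-is and is protected solely by encoding at output. Neither control depends on the privilege level of the account that stored the value, which is what makes the low-to-high privilege path in this advisory possible when they are missing.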
Users are advised to update to Axigen 10.5.57 (for the 10.3.x, 10.4.x and 10.5.x branches) or 10.6.26 (for 10.6.x). Until the update is applied, exposure is limited by the fact that exploitation requires an authenticated WebAdmin account, so keeping low-privileged administrator accounts to a minimum reduces the attack surface.