PT-2024-12887 · Axigen · Axigen
Amir Hossein Fallahi
·
Published
2024-02-07
·
Updated
2025-06-17
·
CVE-2023-40355
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Axigen versions 10.3.3.0 through 10.3.3.59
Axigen versions 10.4.0 through 10.4.19
Axigen versions 10.5.0 through 10.5.5
Description
The issue is a Cross Site Scripting (XSS) vulnerability that allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.
Recommendations
For Axigen versions 10.3.3.0 through 10.3.3.59, update to version 10.3.3.59 or later.
For Axigen versions 10.4.0 through 10.4.19, update to version 10.4.19 or later.
For Axigen versions 10.5.0 through 10.5.5, update to version 10.5.5 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Axigen