.. / CVE-2023-40355

Exploit for Axigen WebMail - Cross-Site Scripting (CVE-2023-40355)

Description:

Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before 10.4.19, and 10.5.0 before 10.5.5, allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.

Nuclei Template

View the template here CVE-2023-40355.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-40355.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-40355
https://www.axigen.com/knowledgebase/Axigen-WebMail-XSS-Vulnerability-CVE-2023-40355-_396.html