Vulnerabilities > Axigen > Axigen Mail Server > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-08 | CVE-2023-48974 | Cross-site Scripting vulnerability in Axigen Mail Server Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter. | 9.6 |
| 2023-01-13 | CVE-2023-23566 | Unspecified vulnerability in Axigen Mail Server 10.3.3.52 A 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker to access a mailbox by bypassing 2-Step Verification when they try to add an account to any third-party webmail service (or add an account to Outlook or Gmail, etc.) with IMAP or POP3 without any verification code. | 9.8 |