CNNVD-202602-816 Information

CNNVD ID

CNNVD-202602-816

Related CVE

CVE-2025-68643

• CNNVD Published: 2026-02-05

Description (Chinese)

Axigen Mail Server是Axigen公司的一款邮件服务器软件。 Axigen Mail Server 10.5.57之前版本存在安全漏洞，该漏洞源于处理timeFormat账户偏好参数时存在存储型跨站脚本，攻击者可通过多阶段攻击注入并执行恶意JavaScript有效载荷。

Description (English)

Axigen Mail Server is a mail server software for Axigen. The previous version of Axigen Mail Server 10.5.57 had a security loophole, which stemmed from the existence of a storage cross-site script for the treatment of timeFormat account preferences, which could be injected and carried out by the attackers through multistage attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Axigen

Published

2026-02-05

Last Modified

2026-02-24

References

https://www.axigen.com/knowledgebase/Axigen-WebMail-Stored-XSS-Vulnerability-CVE-2025-68643-_405.html https://www.axigen.com/mail-server/download/

Patch

https://www.axigen.com/mail-server/download/