Axigen versions 10.3.3.0 to 10.5.5 Cross Site Scripting (XSS) Arbitrary Code Execution Vulnerability

CVE-2023-40355 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before 10.4.19, and 10.5.0 before 10.5.5, allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.

Learn more about our Web Application Penetration Testing UK.