FKIE_CVE-2025-68723

Vulnerability from fkie_nvd - Published: 2026-02-05 17:16 - Updated: 2026-02-13 15:15
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Summary
Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting (XSS) vulnerabilities in the WebAdmin interface. Three instances exist: (1) the log file name parameter in the Local Services Log page, (2) certificate file content in the SSL Certificates View Usage feature, and (3) the Certificate File name parameter in the WebMail Listeners SSL settings. Attackers can inject malicious JavaScript payloads that execute in administrators' browsers when they access affected pages or features, enabling privilege escalation attacks where low-privileged admins can force high-privileged admins to perform unauthorized actions.
References
cve@mitre.orghttps://www.axigen.com/knowledgebase/Axigen-WebAdmin-Stored-XSS-Vulnerabilities-CVE-2025-68723-_408.htmlVendor Advisory
cve@mitre.orghttps://www.axigen.com/mail-server/download/Product
134c704f-9b21-4f2e-91b3-4a467353bcc0https://github.com/osmancanvural/CVE-2025-68723
Impacted products
Vendor Product Version
axigen axigen_mail_server *
axigen axigen_mail_server *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:axigen:axigen_mail_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FD23438-2B7F-48CB-9300-2A47F2B96A01",
              "versionEndExcluding": "10.5.57",
              "versionStartIncluding": "10.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:axigen:axigen_mail_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FE47CA3-597B-45EE-BCFA-60440CDB5ECB",
              "versionEndExcluding": "10.6.26",
              "versionStartIncluding": "10.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting (XSS) vulnerabilities in the WebAdmin interface. Three instances exist: (1) the log file name parameter in the Local Services Log page, (2) certificate file content in the SSL Certificates View Usage feature, and (3) the Certificate File name parameter in the WebMail Listeners SSL settings. Attackers can inject malicious JavaScript payloads that execute in administrators\u0027 browsers when they access affected pages or features, enabling privilege escalation attacks where low-privileged admins can force high-privileged admins to perform unauthorized actions."
    },
    {
      "lang": "es",
      "value": "Axigen Mail Server anterior a 10.5.57 contiene m\u00faltiples vulnerabilidades de cross-site scripting (XSS) almacenado en la interfaz WebAdmin. Existen tres instancias: (1) el par\u00e1metro del nombre del archivo de registro en la p\u00e1gina de registro de servicios locales (Local Services Log), (2) el contenido del archivo de certificado en la funci\u00f3n de visualizaci\u00f3n de uso de certificados SSL (SSL Certificates View Usage), y (3) el par\u00e1metro del nombre del archivo de certificado en la configuraci\u00f3n SSL de los oyentes de WebMail (WebMail Listeners). Los atacantes pueden inyectar cargas \u00fatiles de JavaScript maliciosas que se ejecutan en los navegadores de los administradores cuando acceden a las p\u00e1ginas o funciones afectadas, lo que permite ataques de escalada de privilegios donde los administradores con pocos privilegios pueden obligar a los administradores con muchos privilegios a realizar acciones no autorizadas."
    }
  ],
  "id": "CVE-2025-68723",
  "lastModified": "2026-02-13T15:15:57.503",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-05T17:16:12.700",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.axigen.com/knowledgebase/Axigen-WebAdmin-Stored-XSS-Vulnerabilities-CVE-2025-68723-_408.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://www.axigen.com/mail-server/download/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://github.com/osmancanvural/CVE-2025-68723"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.