CVE-2023-40355
28Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendcvss 5.4epss 1.1%
exploitation probability
1.1%top 39% of all CVEs
observed exploitation
nono source reports it
Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before 10.4.19, and 10.5.0 before 10.5.5, allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected products
n/a · n/a