Axigen 10.x
Axigen WebAdmin Stored XSS Vulnerabilities (CVE-2025-68723)
Feb 5, 2026 • 1 min. read
Multiple stored XSS vulnerabilities in Axigen WebAdmin enable privilege escalation attacks. Update to 10.5.57 or 10.6.26.
Read articleAxigen WebAdmin CSRF Vulnerability (CVE-2025-68722)
Feb 5, 2026 • 1 min. read
CSRF vulnerability in Axigen WebAdmin allows attackers to execute admin actions via malicious links. Update to 10.5.57 or 10.6.26.
Read articleAxigen WebAdmin Improper Access Control Vulnerability (CVE-2025-68721)
Feb 5, 2026 • 1 min. read
Improper access control in Axigen WebAdmin allows zero-permission admins to manage SSL certificates. Update to 10.5.57 or 10.6.26.
Read articleAxigen WebMail Stored XSS Vulnerability (CVE-2025-68643)
Feb 4, 2026 • 1 min. read
Stored XSS vulnerability in Axigen WebMail timeFormat parameter enables credential theft via multi-stage attack. Update to 10.5.57 or 10.6.26.
Read articleHow to Upgrade to Axigen X6
Nov 26, 2024 • 3 min. read
Axigen X6 brings BIMI support, Account Recovery and 2-Step Verification via SMS, Zoom and Teams URLs in calendar events, and a redesigned WebAdmin interface, plus many enhancements and bug fixes. Follow these steps to upgrade to X6 while ensuring compatibility with supported platforms.
Read articleAxigen WebMail Persistent and Reflected XSS Vulnerabilities (CVE-2024-50601)
Nov 6, 2024 • 1 min. read
Persistent XSS in Axigen WebMail (CVE-2024-50601) allows Javascript injection via cookies and parameters. Update to 10.3.3.67 / 10.4.42 / 10.5.29 to secure.
Read articleLocal Privilege Escalation Vulnerability on Axigen for Windows (CVE-2024-28589)
Apr 1, 2024 • 1 min. read
Learn about the fix for the local privilege escalation vulnerability in Axigen for Windows (CVE-2024-28589) in versions up to 10.5.18, resolved in 10.5.19.
Read articleAxigen WebMail XSS Vulnerability (CVE-2024-25080)
Feb 1, 2024 • 1 min. read
This vulnerability allows attackers to run arbitrary Javascript code, leveraging a logged-in end-user session. This could allow attackers to perform phishing attacks or exfiltrate data from the logged-in account.
Read articleAxigen WebAdmin XSS Vulnerability (CVE-2023-49101)
Nov 20, 2023 • 1 min. read
This vulnerability allows attackers to run arbitrary Javascript code that, using an active admin session (for a logged-in admin), can access the admin interface.
Read articleHow to Back Up Your Axigen Mail Server
Sep 19, 2023 • 4 min. read
This knowledge base article explains how to back up and restore your Axigen Mail Server using the full directory backup, FTP, FUSE, or external archivers.
Read articleHow to Monitor Your Axigen Message Storage Capacity
Sep 19, 2023 • 7 min. read
This knowledge base article explains how to monitor whether your message storage is getting close to its capacity limit before you run out of space.
Read articleAxigen WebMail XSS Vulnerability (CVE-2023-40355)
Aug 11, 2023 • 1 min. read
This vulnerability allows attackers to run arbitrary Javascript code that, using an active end-user session (for a logged-in user), can access and retrieve mailbox content.
Read article