cvelist/2015/5xxx/CVE-2015-5379.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2015-5379",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail Server before 9.0 allows remote attackers to inject arbitrary web script or HTML via an email attachment."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "20150721 CVE-2015-5379: Axigen XSS vulnerability for html attachments",
            "refsource" : "BUGTRAQ",
            "url" : "http://www.securityfocus.com/archive/1/536046/100/0/threaded"
         },
         {
            "name" : "http://packetstormsecurity.com/files/132764/Axigen-Cross-Site-Scripting.html",
            "refsource" : "MISC",
            "url" : "http://packetstormsecurity.com/files/132764/Axigen-Cross-Site-Scripting.html"
         },
         {
            "name" : "https://blogs.securiteam.com/index.php/archives/2534",
            "refsource" : "MISC",
            "url" : "https://blogs.securiteam.com/index.php/archives/2534"
         },
         {
            "name" : "https://www.axigen.com/knowledgebase/Ajax-WebMail-8-x-security-patch-CVE-2015-5379-_341.html",
            "refsource" : "CONFIRM",
            "url" : "https://www.axigen.com/knowledgebase/Ajax-WebMail-8-x-security-patch-CVE-2015-5379-_341.html"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2015-5379",`
- Synchronized data. 2017-10-23 14:03:04 -04:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
- Synchronized data. 2017-10-23 14:03:04 -04:00			`"value" : "Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail Server before 9.0 allows remote attackers to inject arbitrary web script or HTML via an email attachment."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20150721 CVE-2015-5379: Axigen XSS vulnerability for html attachments",`
			`"refsource" : "BUGTRAQ",`
- Synchronized data. 2018-10-09 15:05:48 -04:00			`"url" : "http://www.securityfocus.com/archive/1/536046/100/0/threaded"`
- Synchronized data. 2017-10-23 14:03:04 -04:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://packetstormsecurity.com/files/132764/Axigen-Cross-Site-Scripting.html",`
			`"refsource" : "MISC",`
- Synchronized data. 2017-10-23 14:03:04 -04:00			`"url" : "http://packetstormsecurity.com/files/132764/Axigen-Cross-Site-Scripting.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://blogs.securiteam.com/index.php/archives/2534",`
			`"refsource" : "MISC",`
- Synchronized data. 2017-10-23 14:03:04 -04:00			`"url" : "https://blogs.securiteam.com/index.php/archives/2534"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://www.axigen.com/knowledgebase/Ajax-WebMail-8-x-security-patch-CVE-2015-5379-_341.html",`
			`"refsource" : "CONFIRM",`
- Synchronized data. 2017-10-23 14:03:04 -04:00			`"url" : "https://www.axigen.com/knowledgebase/Ajax-WebMail-8-x-security-patch-CVE-2015-5379-_341.html"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`