How to fix CVE-2025-68723?

Within 24 hours: Identify all Axigen Mail Server instances and document current versions; restrict WebAdmin interface access to trusted IP addresses only and disable remote access if not business-critical. Within 7 days: Contact Axigen for patch availability and ETA; evaluate alternative mail server platforms as contingency. Within 30 days: Apply vendor patch immediately upon release; conduct security audit of WebAdmin logs for signs of exploitation; reset all administrator credentials post-patch.

Is Tls affected by CVE-2025-68723?

Axigen Mail Server versions before 10.5.57 contain critical stored XSS vulnerabilities in the WebAdmin interface that could allow attackers to compromise administrator accounts and gain control of email infrastructure.

CVE-2025-68723

CRITICAL

2026-02-05 [email protected]

9.0

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 05, 2026 - 17:16 nvd

CRITICAL 9.0

Description

Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting (XSS) vulnerabilities in the WebAdmin interface. Three instances exist: (1) the log file name parameter in the Local Services Log page, (2) certificate file content in the SSL Certificates View Usage feature, and (3) the Certificate File name parameter in the WebMail Listeners SSL settings. Attackers can inject malicious JavaScript payloads that execute in administrators' browsers when they access affected pages or features, enabling privilege escalation attacks where low-privileged admins can force high-privileged admins to perform unauthorized actions.

Analysis

Multiple stored XSS vulnerabilities in Axigen Mail Server before 10.5.57 WebAdmin interface allow authenticated administrators to inject persistent malicious scripts that execute in other admin sessions.

Technical Context

CWE-79 stored XSS in administrative interface fields. Malicious JavaScript persists in the WebAdmin configuration and executes when other administrators view affected pages.

Affected Products

['Axigen Mail Server < 10.5.57']

Remediation

Update to Axigen 10.5.57 or later. Implement Content Security Policy headers. Audit admin account access.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +45

POC: 0

CVE-2025-68723 vulnerability details – vuln.today

Back

CVE-2025-68723

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-68723

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code