Vulnerabilities > Icewarp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-05 | CVE-2024-0246 | Unspecified vulnerability in Icewarp 12.0.2.1/12.0.3.1 A vulnerability classified as problematic has been found in IceWarp 12.0.2.1/12.0.3.1. | 6.1 |
2023-09-25 | CVE-2023-43319 | Cross-site Scripting vulnerability in Icewarp Webclient 10.3.5 Cross Site Scripting (XSS) vulnerability in the Sign-In page of IceWarp WebClient 10.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter. | 6.1 |
2023-09-14 | CVE-2023-40779 | Open Redirect vulnerability in Icewarp Deep Castle G2 13.0.1.2 An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL. | 6.1 |
2023-09-12 | CVE-2023-41013 | Cross-site Scripting vulnerability in Icewarp 10.3.1 Cross Site Scripting (XSS) in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field. | 6.1 |
2023-09-05 | CVE-2023-39598 | Cross-site Scripting vulnerability in Icewarp Webclient 10.2.1 Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter. | 6.1 |
2023-08-25 | CVE-2023-39600 | Cross-site Scripting vulnerability in Icewarp 11.4.6.0 IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter. | 6.1 |
2023-08-25 | CVE-2023-39699 | Path Traversal vulnerability in Icewarp Mail Server 10.4.5 IceWarp Mail Server v10.4.5 was discovered to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. | 9.8 |
2023-08-25 | CVE-2023-39700 | Cross-site Scripting vulnerability in Icewarp Mail Server 10.4.5 IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter. | 6.1 |
2023-07-27 | CVE-2021-36580 | Open Redirect vulnerability in Icewarp Mail Server Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter. | 6.1 |
2023-07-20 | CVE-2023-37728 | Cross-site Scripting vulnerability in Icewarp 10.2.1 IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter. | 6.1 |