Vulnerabilities > Icewarp > Mail Server > 12.3.0.1

DATE CVE VULNERABILITY TITLE RISK
2023-07-27 CVE-2021-36580 Open Redirect vulnerability in Icewarp Mail Server
Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter.
network
low complexity
icewarp CWE-601
6.1
6.1
2020-07-15 CVE-2020-14066 Unrestricted Upload of File with Dangerous Type vulnerability in Icewarp Mail Server 12.3.0.1
IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access.
network
low complexity
icewarp CWE-434
8.8
8.8
2020-07-15 CVE-2020-14065 Unrestricted Upload of File with Dangerous Type vulnerability in Icewarp Mail Server 12.3.0.1
IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space.
network
low complexity
icewarp CWE-434
6.5
6.5
2020-07-15 CVE-2020-14064 Exposure of Resource to Wrong Sphere vulnerability in Icewarp Mail Server 12.3.0.1
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.
network
low complexity
icewarp CWE-668
6.5
6.5