Vulnerabilities > Icewarp > Mail Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-01 | CVE-2018-16324 | Cross-site Scripting vulnerability in Icewarp Mail Server In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field. | 6.1 |
| 2018-06-30 | CVE-2018-7475 | Cross-site Scripting vulnerability in Icewarp Mail Server 12.0.3 Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote attackers to inject arbitrary web script or HTML. | 6.1 |
| 2018-05-08 | CVE-2015-1503 | Path Traversal vulnerability in Icewarp Mail Server Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. | 7.5 |
| 2017-08-23 | CVE-2017-12844 | Cross-site Scripting vulnerability in Icewarp Mail Server 10.4.4 Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name. | 4.8 |