Vulnerabilities > Icewarp > Mail Server > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-06 | CVE-2019-19266 | Cross-site Scripting vulnerability in Icewarp Mail Server IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 2 of 2) in notes for objects. | 3.5 |
| 2017-08-23 | CVE-2017-12844 | Cross-site Scripting vulnerability in Icewarp Mail Server 10.4.4 Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name. | 3.5 |