Vulnerabilities > Icewarp > Merak Mail Server > 8.9.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-24 | CVE-2007-5046 | Cross-Site Scripting vulnerability in Icewarp Merak Mail Server 8.9.1/8.9.2 Cross-site scripting (XSS) vulnerability in the Webmail interface for IceWarp Merak Mail Server before 9.0.0 allows remote attackers to inject arbitrary JavaScript via a javascript: URI in an attribute of an element in an email message body, as demonstrated by the onload attribute in a BODY element. | 4.3 |