Vulnerabilities > Icewarp

DATE CVE VULNERABILITY TITLE RISK
2017-08-31 CVE-2017-7855 Cross-site Scripting vulnerability in Icewarp Server 11.3.1.5
In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter.
network
low complexity
icewarp CWE-79
6.1
2017-08-23 CVE-2017-12844 Cross-site Scripting vulnerability in Icewarp Mail Server 10.4.4
Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name.
network
low complexity
icewarp CWE-79
4.8