Vulnerabilities > Icewarp > Webclient > 10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-11 | CVE-2010-5340 | Cross-site Scripting vulnerability in Icewarp Webclient 10.0/10.1.3/10.2.0 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0. | 6.1 |
| 2019-10-11 | CVE-2010-5339 | Cross-site Scripting vulnerability in Icewarp Webclient 10.0/10.1.3/10.2.0 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0. | 6.1 |
| 2019-10-11 | CVE-2010-5338 | Cross-site Scripting vulnerability in Icewarp Webclient 10.0/10.1.3/10.2.0 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0. | 6.1 |
| 2019-10-11 | CVE-2010-5337 | Cross-site Scripting vulnerability in Icewarp Webclient 10.0/10.1.3/10.2.0 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0. | 6.1 |
| 2019-10-11 | CVE-2010-5336 | Cross-site Scripting vulnerability in Icewarp Webclient 10.0/10.1.3/10.2.0 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0. | 6.1 |
| 2019-10-11 | CVE-2010-5335 | Path Traversal vulnerability in Icewarp Webclient 10.0/10.1.3/10.2.0 IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. | 7.5 |
| 2019-10-11 | CVE-2010-5334 | Path Traversal vulnerability in Icewarp Webclient 10.0/10.1.3/10.2.0 IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. | 7.5 |