Vulnerabilities > Icewarp > Webclient > 10.3.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-25 | CVE-2023-43319 | Cross-site Scripting vulnerability in Icewarp Webclient 10.3.5 Cross Site Scripting (XSS) vulnerability in the Sign-In page of IceWarp WebClient 10.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter. | 6.1 |
| 2021-07-07 | CVE-2020-25925 | Cross-site Scripting vulnerability in Icewarp Webclient 10.3.5 Cross Site Scripting (XSS) in Webmail Calender in IceWarp WebClient 10.3.5 allows remote attackers to inject arbitrary web script or HTML via the "p4" field. | 4.3 |