2 results (0.011 seconds)

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter. • http://icewarp.com http://mail.ziyan.com https://medium.com/%40rohitgautam26/cve-2021-36580-69219798231c • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3

In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter. En IceWarp Webmail Server versiones hasta 11.4.4.1, se presenta una vulnerabilidad XSS en el parámetro color del archivo /webmail/. IceWarp WebMail versions 11.4.4.1 and below suffer from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/47988 http://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html https://cxsecurity.com/issue/WLB-2020010205 https://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •