Vulnerabilities (CVE)

Filtered by vendor Icewarp Subscribe

Filtered by product Mail Server

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 8 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-27982	1 Icewarp	1 Mail Server	2022-06-29	4.3 MEDIUM	6.1 MEDIUM
IceWarp 11.4.5.0 allows XSS via the language parameter.
CVE-2020-14064	1 Icewarp	1 Mail Server	2020-07-22	4.0 MEDIUM	6.5 MEDIUM
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.
CVE-2020-14065	1 Icewarp	1 Mail Server	2020-07-22	4.0 MEDIUM	6.5 MEDIUM
IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space.
CVE-2018-7475	1 Icewarp	1 Mail Server	2020-02-06	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote attackers to inject arbitrary web script or HTML.
CVE-2019-19266	1 Icewarp	1 Mail Server	2020-01-08	3.5 LOW	5.4 MEDIUM
IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 2 of 2) in notes for objects.
CVE-2019-19265	1 Icewarp	1 Mail Server	2020-01-08	4.3 MEDIUM	6.1 MEDIUM
IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 1 of 2) in notes for contacts.
CVE-2018-16324	1 Icewarp	1 Mail Server	2018-11-06	4.3 MEDIUM	6.1 MEDIUM
In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.
CVE-2017-12844	1 Icewarp	1 Mail Server	2017-08-29	3.5 LOW	4.8 MEDIUM
Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name.