Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mail_server
(Icewarp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-07-27 | CVE-2021-36580 | Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter. | Icewarp_server, Mail_server | 6.1 | ||
| 2023-08-25 | CVE-2023-39700 | IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter. | Mail_server | 6.1 | ||
| 2023-08-25 | CVE-2023-39699 | IceWarp Mail Server v10.4.5 was discovered to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows attackers to include or execute files from the local file system of the targeted server. | Mail_server | 9.8 | ||
| 2020-11-02 | CVE-2020-27982 | IceWarp 11.4.5.0 allows XSS via the language parameter. | Mail_server | 6.1 | ||
| 2020-07-15 | CVE-2020-14066 | IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. | Mail_server | N/A | ||
| 2020-07-15 | CVE-2020-14065 | IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. | Mail_server | N/A |