Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:38 a.m.8 views

CVE-2019-19266

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 and probably earlier versions allows XSS issue 2 of 2 in notes for objects...

5.4CVSS6.1AI score0.00602EPSS
Exploits2References1
Circl
Circl
added 2021/09/09 10:30 p.m.5 views

CVE-2020-19266

creationtimestamp| type| source ---|---|--- 2021-09-09 22:30:22+00:00| seen| https://t.me/cibsecurity/28629...

6.1CVSS6.1AI score0.00641EPSS
Exploits1References1
CVE
CVE
added 2021/09/09 5:44 p.m.40 views

CVE-2020-19266

A stored XSS vulnerability exists in Dswjcms 1.6.4, specifically in index.php/Dswjcms/Site/articleList, allowing attackers to execute arbitrary web scripts/HTML. The root cause is lack of input validation/escaping for the affected parameter. No explicit exploitation details or remediation are pro...

6.1CVSS5.9AI score0.00641EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/01/06 12:0 a.m.97 views

CVE-2019-19266

IceWarp WebMail Server 12.2.0 and 12.1.x prior to 12.2.1.1 are affected by a Cross‑Site Scripting (XSS) vulnerability in object notes. The root cause is lack of proper validation of client‑side data by the WEB application, allowing injected JavaScript to execute when notes are displayed to users....

5.4CVSS5.2AI score0.00602EPSS
Exploits2References2Affected Software1
Packet Storm
Packet Storm
added 2020/01/03 12:0 a.m.189 views

IceWarp 12.2.0 / 12.1.x Cross Site Scripting

Advisory: IceWarp: Cross-Site Scripting in Notes During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to cross-site scripting attacks in notes for objects. If attackers with access to the IceWarp system provide a manipulated object that is displayed by...

5.6AI score0.00602EPSS
Exploits2
CVE
CVE
added 2019/01/08 8:0 p.m.32 views

CVE-2018-19266

CVE-2018-19266 is rejected/not used; this CVE ID does not represent an active vulnerability entry.

7.3AI score
Exploits0
Rows per page
Query Builder