CVE-2025-40630

Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example “ https://icewarp.domain.com///%2e%2e” https://icewarp.domain.com///%2e%2e” . This...

CVE-2025-40630

IceWarp Mail Server ≤11.4.0 suffers an open redirect vulnerability. The issue is triggered by crafting malicious URLs that redirect users to arbitrary external domains (examples show vulnerable URL formats). Root cause is improper handling of target URLs leading to redirects. Affected product/ver...