Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2009/05/18 12:0 a.m.65 views

IceWarp Merak Mail Server < 9.4.2 Multiple Vulnerabilities

IceWarp Merak Mail Server is prone to multiple vulnerabilities. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

6.4AI score
Exploits0References9
CVE
CVE
added 2009/05/05 8:0 p.m.77 views

CVE-2009-1467

CVE-2009-1467 affects IceWarp WebMail Server and IceWarp eMail Server prior to version 9.4.2. The vulnerability is an XSS flaw in RSS feed handling and email view: the RSS feed item’s title and href are inserted unmodified, while the description is sanitized via cleanHTML, per the getHTML and RSS...

4.3CVSS5.6AI score0.02389EPSS
Exploits4References11Affected Software2
securityvulns
securityvulns
added 2009/05/05 12:0 a.m.76 views

[RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View

Advisory: IceWarp WebMail Server: Cross Site Scripting in Email View During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to Cross Site Scripting attacks in its email view. This enables attackers to send emails with embedded JavaScript code, for exampl...

4.3CVSS5.7AI score0.02389EPSS
Exploits4
Packet Storm
Packet Storm
added 2009/05/05 12:0 a.m.130 views

IceWarp WebMail RSS Feed XSS

Advisory: IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to user-assisted Cross Site Scripting attacks in its RSS feed reader. If attackers control or compromise an RSS...

4.3CVSS6.5AI score0.02389EPSS
Exploits4
Packet Storm
Packet Storm
added 2009/05/05 12:0 a.m.59 views

IceWarp WebMail Email View XSS

Advisory: IceWarp WebMail Server: Cross Site Scripting in Email View During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to Cross Site Scripting attacks in its email view. This enables attackers to send emails with embedded JavaScript code, for exampl...

4.3CVSS0.4AI score0.02389EPSS
Exploits4
securityvulns
securityvulns
added 2009/05/05 12:0 a.m.74 views

[RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader

Advisory: IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to user-assisted Cross Site Scripting attacks in its RSS feed reader. If attackers control or compromise an RSS...

4.3CVSS6.1AI score0.02389EPSS
Exploits4
Rows per page
Query Builder