3 matches found
CVE-2020-25925
Cross Site Scripting XSS in Webmail Calender in IceWarp WebClient 10.3.5 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...
CVE-2020-25925
Cross Site Scripting XSS in Webmail Calender in IceWarp WebClient 10.3.5 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...
CVE-2020-25925
CVE-2020-25925 describes a cross-site scripting (XSS) flaw in IceWarp WebClient’s Webmail Calendar (version 10.3.5). The vulnerability allows an attacker to inject arbitrary web script or HTML through the p4 field, enabling client-side code execution. The available connected documents confirm the...