2 matches found
CVE-2020-27982
CVE-2020-27982 affects IceWarp WebMail 11.4.5.0 and is an XSS vulnerability exploitable via the language parameter (e.g., /webmail/?language=). The root cause is improper handling of the language parameter, enabling arbitrary JavaScript execution in a victim’s browser (session hijacking/defacemen...
Icewarp WebMail 11.4.5.0 Cross Site Scripting
Title: IceWarp WebMail Cross-Site Scripting Vulnerability + Date: 2020/10/25 + Author: Harun Karakış + Vendor Homepage: www.icewarp.com + Tested on: Windows 10 + Versions: 11.4.5.0 + Vulnerable Parameter: "language" Get Method + Vulnerable File: /webmail/ + Cve:CVE-2020-27982 PoC: + Go to :...