Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/18 12:9 p.m.20 views

CVE-2025-40632

Cross-site scripting XSS in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered...

2CVSS6.3AI score0.00183EPSS
Exploits0References3
NVD
NVD
added 2025/05/16 11:15 a.m.9 views

CVE-2025-40632

Cross-site scripting XSS in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered...

6.1CVSS0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 11:9 a.m.18 views

CVE-2025-40632 Cross-site scripting (XSS) vulnerability in IceWarp Mail Server

Cross-site scripting XSS in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered...

2CVSS0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/16 11:9 a.m.6 views

CVE-2025-40632 Cross-site scripting (XSS) vulnerability in IceWarp Mail Server

Cross-site scripting XSS in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered...

2CVSS5.8AI score0.00183EPSS
Exploits0References1
CVE
CVE
added 2025/05/16 11:9 a.m.24 views

CVE-2025-40632

IceWarp Mail Server (v11.4.0) contains a Cross-Site Scripting (XSS) vulnerability where an attacker can modify the lastLogin cookie to inject JavaScript that executes when the page renders. Affected component is the web-facing handling of user data; the root cause is lack of proper filtering/esca...

6.1CVSS5.9AI score0.00183EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder