CVE-2024-21501

An information exposure flaw was found in the sanitize-html package, when used on the backend with the style attribute allowed. This issue may allow an attacker to enumerate files in the system, including project dependencies, to gather details about the file system structure and dependencies of...

CVE-2023-39699

IceWarp Mail Server v10.4.5 was discovered to contain a local file inclusion LFI vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows attackers to include or execute files from the local file system of the targeted server...