In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter.
6.1CVSS
5.9AI Score
0.001EPSS
In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
6.1CVSS
5.9AI Score
0.008EPSS
Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter.
6.1CVSS
6.2AI Score
0.003EPSS