Mail Server Security Vulnerabilities and Issues — Mail Server CVE List

Lucene search

IcewarpMail Server

3 matches found

CVE•added 2018/05/08 8:29 p.m.•55 views

CVE-2015-1503

Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) script or (3) style parameter to...

7.8CVSS7.5AI score0.91339EPSS

CVE•added 2018/06/30 2:29 p.m.•35 views

CVE-2018-7475

Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote attackers to inject arbitrary web script or HTML.

6.1CVSS6.1AI score0.00329EPSS

CVE•added 2018/09/01 6:29 p.m.•32 views

CVE-2018-16324

In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.

6.1CVSS6AI score0.00234EPSS