CVE-2022-35115
IceWarp WebClient DC2 Update 2 Build 9 (13.0.2.9) is affected by a SQL injection vulnerability exploitable via the search parameter in /webmail/server/webmail.php. The issue yields a CVSSv3.1 score of 9.8 (CRITICAL) with Network attack vector, no user interaction, and requires no privileges. The ...