Every CVE whose affected-product data names Icewarp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2018-25269 — CVSS 6.1 (medium): ICEWARP 10.3.4 and 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into…
CVE-2023-37728 — CVSS 6.1 (medium): IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter.
CVE-2023-39600 — CVSS 6.1 (medium): IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.
CVE-2023-41013 — CVSS 6.1 (medium): Cross Site Scripting (XSS) in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the…
CVE-2024-0246 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in IceWarp 12.0.2.1/12.0.3.1. This affects an unknown part of the file /install/…