Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name.
References
Link | Resource |
---|---|
https://youtu.be/MI4dhEia1d4 | Exploit Third Party Advisory |
Configurations
Information
Published : 2017-08-23 07:29
Updated : 2017-08-29 07:36
NVD link : CVE-2017-12844
Mitre link : CVE-2017-12844
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
icewarp
- mail_server