Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote attackers to inject arbitrary web script or HTML.
References
Link | Resource |
---|---|
https://www.youtube.com/watch?v=8_3Q80JrMm4 | Exploit Third Party Advisory |
https://0xd0ff9.wordpress.com/2018/06/21/cve-2018-7475/ | Exploit Third Party Advisory |
Configurations
Information
Published : 2018-06-30 07:29
Updated : 2020-02-06 06:43
NVD link : CVE-2018-7475
Mitre link : CVE-2018-7475
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
icewarp
- mail_server