PT-2017-17957 · Icewarp · Icewarp Server

Published

2017-08-31

Updated

2017-09-05

CVE-2017-7855

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions IceWarp Server version 11.3.1.5

Description A security issue was found in the webmail component, specifically an XSS vulnerability related to the language parameter.

Recommendations For IceWarp Server version 11.3.1.5, avoid using the language parameter in the affected webmail component until the issue is resolved.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2017-7855

Affected Products

Icewarp Server

PT-2017-17957 · Icewarp · Icewarp Server

CVE-2017-7855

Weakness Enumeration

Related Identifiers

Affected Products

References · 3