exploitDog

GHSA-qxgw-cmmh-8chh

Опубликовано: 16 мая 2025

Источник: github

Github: Не прошло ревью

CVSS4: 2

CVSS3: 6.1

Описание

Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered.

Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered.

Ссылки

EPSS

Процентиль: 11%

0.00038

Низкий

2 Low

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-40632

CVSS3: 6.1

nvd

9 месяцев назад

Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered.

EPSS

Процентиль: 11%

0.00038

Низкий

2 Low

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79