CVE-2010-5340

CVE-2010-5340

EPSS 0.8%

IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://vuldb.com/?id.142993 https://www.gosecurity.ch/component/content/article/12-services/gosecuritynews/fachartikel/169-gosecurity-advisory-2010120602