In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Icewarp Server
NVD
Exploit-DB
CVSS 3.1
6.1
EPSS
14.8%