Mail Server
Monthly
A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions.
Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.
HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.
Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions.
Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.
HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.
Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.