Skip to main content

Webclient

2 CVEs product

Monthly

CVE-2023-43319 MEDIUM This Month

Cross Site Scripting (XSS) vulnerability in the Sign-In page of IceWarp WebClient 10.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webclient
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-39598 MEDIUM POC This Month

Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS Webclient
NVD
CVSS 3.1
6.1
EPSS
1.4%
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross Site Scripting (XSS) vulnerability in the Sign-In page of IceWarp WebClient 10.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webclient
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS Webclient
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy