Title:IceWarp Mail Server 跨站脚本漏洞 (CVE-2023-39700) Description:IceWarp Mail Server是捷克爱思华宝(IceWarp)公司的一款邮件服务器产品。该产品支持电子邮件归档、SmartAttach附件、自动迁移等。 IceWarp Mail Server v10.4.5版本存在安全漏洞,该漏洞源于参数color存在反射型跨站脚本(XSS)漏洞。
Description
IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter.
File Snapshot
id: CVE-2023-39700
info:
name: IceWarp Mail Server v10.4.5 - Cross-Site Scripting
author: r3Y3r
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.