CVE Daily

CVE-2019-19266

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier v...

Medium CVSS 5.4

Overview

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 2 of 2) in notes for objects.

CWE: CWE-79 Published: 2020-01-06T00:15:10.430
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.4 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags