Cross-Site Scripting Vulnerability in IceWarp Web Mail by IceWarp
CVE-2002-1899

Currently unrated

Key Information:

Vendor: Icewarp
Status: Web Mail
Vendor: CVE Published:; 31 December 2002

What is CVE-2002-1899?

The IceWarp Web Mail versions 3.3.3 and 3.4.5 contain a cross-site scripting vulnerability. This security flaw allows remote attackers to inject arbitrary web scripts or HTML into web pages by manipulating the 'Full Name' (addressname) parameter. If successfully exploited, the vulnerability could lead to unauthorized actions on behalf of users, including displaying misleading content or stealing sensitive information.

References

http://www.iss.net/security_center/static/9866.php

vdb-entryx_refsource_XF

http://www.icewarp.com/Products/IceWarp_Web_Mail/releasen...

x_refsource_CONFIRM

http://archives.neohapsis.com/archives/bugtraq/2002-11/01...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002

JSON

Icewarp

What is CVE-2002-1899?

References

Timeline