Cross-Site Scripting Vulnerability in IceWarp Software Merak Mail Server
CVE-2008-5734

Currently unrated

Key Information:

Vendor: Icewarp
Status: Merak Mail Server
Vendor: CVE Published:; 26 December 2008

What is CVE-2008-5734?

The vulnerability in IceWarp Software's Merak Mail Server version 9.3.2 allows malicious actors to exploit the system by injecting arbitrary web scripts or HTML through an IMG element within HTML email messages. This can lead to unauthorized actions executed in a user's browser, potentially exposing sensitive information or compromising user accounts.

References

http://www.securityfocus.com/bid/32969

vdb-entryx_refsource_BID

http://secunia.com/advisories/32770

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/50885

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2008
Vulnerability Reserved
Dec 26, 2008

JSON

Icewarp

What is CVE-2008-5734?

References

Timeline