CVE-2002-1899
published 2002-12-31CVE-2002-1899: Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name"…
PriorityP413medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.26%
65.8th percentile
Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" (addressname) parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| icewarp | web_mail | — | — |
| icewarp | web_mail | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-08/0135.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-11/0172.htmlhttp://www.icewarp.com/Products/IceWarp_Web_Mail/releasenotes.txthttp://www.iss.net/security_center/static/9866.phphttp://archives.neohapsis.com/archives/bugtraq/2002-08/0135.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-11/0172.htmlhttp://www.icewarp.com/Products/IceWarp_Web_Mail/releasenotes.txthttp://www.iss.net/security_center/static/9866.php
2002-12-31
Published