Webclient
This hub aggregates every CVE we track for Webclient, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
11
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM9HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 11 most recently published vulnerabilities affecting Webclient.
- CVE-2023-43319Cross Site Scripting (XSS) vulnerability in the Sign-In page of IceWarp WebClient 10.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username p...6.1
- CVE-2023-39598Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter.6.1
- CVE-2020-25925Cross Site Scripting (XSS) in Webmail Calender in IceWarp WebClient 10.3.5 allows remote attackers to inject arbitrary web script or HTML via the "p4" field.6.1
- CVE-2021-32816Regular expression Denial of Service in ProtonMail6.5
- CVE-2010-5334IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain para...7.5
- CVE-2010-5335IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain para...7.5
- CVE-2010-5336IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.6.1
- CVE-2010-5337IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0.6.1
- CVE-2010-5338IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0.6.1
- CVE-2010-5339IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0.6.1
- CVE-2010-5340IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.6.1
Product normalization is registry-driven with AI assist and human review. How it works