CVE-2023-39700

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Aug 25, 2023

Updated: Nov 7, 2023

CWE ID 79

Summary

CVE-2023-39700 is a newly discovered vulnerability affecting IceWarp Mail Server version 10.4.5. Hackers can exploit this reflected cross-site scripting (XSS) issue by manipulating the color parameter in unspecified ways. Successful attacks could result in the execution of malicious scripts in a user's browser, potentially leading to data theft or unauthorized access. Users are advised to upgrade to a patched version of the software or implement protective measures against XSS attacks as a temporary solution.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IceWarp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sP2cWF
https://www.cve.org/CVERecord?id=CVE-2023-39700
https://nvd.nist.gov/vuln/detail/CVE-2023-39700

Back to Vulnerability Database

CVE-2023-39700

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations