Vulnerability Details CVE-2010-5336
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.8%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://vuldb.com/?id.142993
- https://www.gosecurity.ch/component/content/article/12-services/gosecuritynews/fachartikel/169-gosecurity-advisory-2010120602
- https://vuldb.com/?id.142993
- https://www.gosecurity.ch/component/content/article/12-services/gosecuritynews/fachartikel/169-gosecurity-advisory-2010120602
Products affected by CVE-2010-5336
-
cpe:2.3:a:icewarp:webclient:-
-
cpe:2.3:a:icewarp:webclient:10.0
-
cpe:2.3:a:icewarp:webclient:10.1.3
-
cpe:2.3:a:icewarp:webclient:10.2.0