CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-43319

Cross Site Scripting (XSS) vulnerability in the Sign-In page of IceWarp WebClient 10.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 34.4%

CVSS Severity

CVSS v3 Score 6.1

References

https://medium.com/%40muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-43319-c2ad758ac2bc
https://medium.com/%40muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-43319-c2ad758ac2bc

Products affected by CVE-2023-43319

Icewarp » Webclient » Version: 10.3.5

cpe:2.3:a:icewarp:webclient:10.3.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-43319

Products

Pricing

Contact Us