{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-05-05T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote attackers to inject arbitrary web script or HTML via (1) the body of a message, related to the email view and incorrect HTML filtering in the cleanHTML function in server/inc/tools.php; or the (2) title, (3) link, or (4) description element in an RSS feed, related to the getHTML function in server/inc/rss/item.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "merak-webmail-xss(50331)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50331"}, {"name": "34825", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34825"}, {"name": "1022167", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022167"}, {"name": "20090505 [RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/503225/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-001"}, {"tags": ["x_refsource_MISC"], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-002"}, {"name": "ADV-2009-1253", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1253"}, {"name": "54227", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54227"}, {"name": "54226", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54226"}, {"name": "20090505 [RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/503229/100/0/threaded"}, {"name": "1022168", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022168"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1467", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote attackers to inject arbitrary web script or HTML via (1) the body of a message, related to the email view and incorrect HTML filtering in the cleanHTML function in server/inc/tools.php; or the (2) title, (3) link, or (4) description element in an RSS feed, related to the getHTML function in server/inc/rss/item.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "merak-webmail-xss(50331)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50331"}, {"name": "34825", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34825"}, {"name": "1022167", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022167"}, {"name": "20090505 [RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/503225/100/0/threaded"}, {"name": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-001", "refsource": "MISC", "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-001"}, {"name": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-002", "refsource": "MISC", "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-002"}, {"name": "ADV-2009-1253", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1253"}, {"name": "54227", "refsource": "OSVDB", "url": "http://osvdb.org/54227"}, {"name": "54226", "refsource": "OSVDB", "url": "http://osvdb.org/54226"}, {"name": "20090505 [RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/503229/100/0/threaded"}, {"name": "1022168", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022168"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:13:25.568Z"}, "title": "CVE Program Container", "references": [{"name": "merak-webmail-xss(50331)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50331"}, {"name": "34825", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34825"}, {"name": "1022167", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1022167"}, {"name": "20090505 [RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/503225/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-001"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-002"}, {"name": "ADV-2009-1253", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1253"}, {"name": "54227", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54227"}, {"name": "54226", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54226"}, {"name": "20090505 [RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/503229/100/0/threaded"}, {"name": "1022168", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1022168"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1467", "datePublished": "2009-05-05T20:00:00", "dateReserved": "2009-04-28T00:00:00", "dateUpdated": "2024-08-07T05:13:25.568Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:icewarp:email_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "6EC05573-9E95-4E38-9BB7-8EEC2207F93A", "versionEndIncluding": "9.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.105:*:*:*:*:*:*:*", "matchCriteriaId": "65413C6D-2477-46BE-A9E0-DFEBFA4984B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.110:*:*:*:*:*:*:*", "matchCriteriaId": "D626E83E-B8D2-488C-86A1-E9EEE26338AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.115:*:*:*:*:*:*:*", "matchCriteriaId": "3BC20926-AA4F-411B-AC96-F411E7A00ACF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.140:*:*:*:*:*:*:*", "matchCriteriaId": "B6B4CF45-C28E-4F9B-8593-FC3227FD3B5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.150:*:*:*:*:*:*:*", "matchCriteriaId": "DCB40BD9-01B0-43A8-B382-6AF471D4E5DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.165:*:*:*:*:*:*:*", "matchCriteriaId": "273ACE18-425A-42F4-A1C4-A729E61C06D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.170:*:*:*:*:*:*:*", "matchCriteriaId": "A049A822-9A1D-4A67-B3C7-87F37CE14966", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.190:*:*:*:*:*:*:*", "matchCriteriaId": "FF6A3368-1C9F-404C-B22C-5BA19F8C89DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.200:*:*:*:*:*:*:*", "matchCriteriaId": "421C0DFF-83B4-494F-B56F-80FCB7465383", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.210:*:*:*:*:*:*:*", "matchCriteriaId": "CD09ABFB-431C-4F81-8B75-1E310FF1DEB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.220:*:*:*:*:*:*:*", "matchCriteriaId": "10D46E21-2A13-4378-B9D9-77B75C574053", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.240:*:*:*:*:*:*:*", "matchCriteriaId": "5637C09C-F43E-41DB-A8C1-AE08DEC5E07F", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.250:*:*:*:*:*:*:*", "matchCriteriaId": "2F1E0EB6-D30B-4448-A61D-79F3720ED199", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.260:*:*:*:*:*:*:*", "matchCriteriaId": "7EB1408C-6076-45C4-8532-41B946E9F2CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.280:*:*:*:*:*:*:*", "matchCriteriaId": "64040FAE-3457-4153-84F5-DB4C0F298DF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.290:*:*:*:*:*:*:*", "matchCriteriaId": "53883B0E-662C-41E6-B0E4-44052243B8CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.310:*:*:*:*:*:*:*", "matchCriteriaId": "659D6D8F-6E4F-4961-88D8-93AEBBBACA2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.320:*:*:*:*:*:*:*", "matchCriteriaId": "F5CD4B14-457C-493B-8206-63AC78C677BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.330:*:*:*:*:*:*:*", "matchCriteriaId": "DD881C18-E67E-431D-BF64-E9AD74B623B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.331:*:*:*:*:*:*:*", "matchCriteriaId": "9498A897-FC1E-42F7-A766-F2F3F3AD73DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.340:*:*:*:*:*:*:*", "matchCriteriaId": "86FD3A63-6985-4557-BCBF-A6C3C62965C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.350:*:*:*:*:*:*:*", "matchCriteriaId": "5C730232-BE10-485B-B7E6-C7221FF830CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:2.10.360:*:*:*:*:*:*:*", "matchCriteriaId": "75BCAB2F-D3DC-446C-B260-E6528D424574", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:3.00.100:*:*:*:*:*:*:*", "matchCriteriaId": "7517B62B-E8BD-46BE-8876-210AF4BBCFEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:3.00.110:*:*:*:*:*:*:*", "matchCriteriaId": "380A25A3-84E8-4660-8E1E-D9F86CCDF451", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:3.00.120:*:*:*:*:*:*:*", "matchCriteriaId": "2F811823-8E74-4940-82BF-0BB874A2EDAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:3.00.130:*:*:*:*:*:*:*", "matchCriteriaId": "0D881063-B61C-4C8D-BA5B-C924968284C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:3.00.140:*:*:*:*:*:*:*", "matchCriteriaId": "BA4F4994-9B1C-4975-80A0-48CFC8A59F62", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:3.10.011:*:*:*:*:*:*:*", "matchCriteriaId": "FC092BCB-C03D-489A-8169-A78672DDAC1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:3.10.110:*:*:*:*:*:*:*", "matchCriteriaId": "82BCBCDB-1C96-4AD9-9BD5-6C6F28B0A59A", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:4.00.30:*:*:*:*:*:*:*", "matchCriteriaId": "377D2092-82CD-4BE5-92CB-1B6970C9B343", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5637CE33-3C19-4BF5-9768-B680FC16DD75", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "27100290-294C-4938-9E31-5E4EC1CC0DD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "257EF71D-D21C-42D6-B799-0CDE4D48D8BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "885DC4F5-0809-4BD0-8EB9-26B6F7AC5D3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "772781AF-D898-41E0-94CA-5E4E68263B7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:4.10.040:*:*:*:*:*:*:*", "matchCriteriaId": "EF8458C9-BB0B-450A-906E-982183D2D112", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:4.10.050:*:*:*:*:*:*:*", "matchCriteriaId": "E6E554A0-B31E-42EC-AC96-02928324D8D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "516EB69D-9AA3-4E39-8902-54F1BE74FF40", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "9FAAD90B-2109-4EA8-B6E9-6DC097E46BB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "C66CFCE9-52A8-4F40-A256-A4246B9A0345", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "20CB84F9-D621-4C76-B7FD-7CBE9126C7C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "16F5651E-AFC4-4ED5-89A3-4FFF17849892", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5F9E8EF6-6EDA-4204-A9BE-9F0A1FA67F02", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "B52C4762-F008-4A95-9DB2-0187C918D2D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0D7D1390-BB52-4E73-9D53-AC7C890273FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "16D2E155-E79B-4F92-8150-49385D9ED683", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "7243D261-9880-4FC1-A709-B270D451819C", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "ECA1EEB6-F96D-4CB4-B19B-FE298A7106CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C1D65F51-8021-47C5-A587-AC1F08A690E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "92E5E64D-EBF3-44AA-A986-B3A668CA84FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "E436882C-626F-44E0-92C1-AB42679DB36E", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "A838F48D-65D4-4D0A-AD70-770E564C414F", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "528BA85A-A479-4AE5-AE58-4F223EC70CDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C4DFEC2-E095-4670-A87D-9686FFBACE16", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "EE29A7F9-B10D-43DE-ACF9-82799A5AB622", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "7C1CE47F-2420-455E-8D59-9115F8553786", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "9479F83D-4C9B-4E09-8173-FEF3D648D173", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:5.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "78426705-364D-44A8-9D11-52FA221501F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "84F5E9BC-1925-4109-88CA-BDDA2760A410", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "34006ADE-3045-4730-9905-F2739F03B37F", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "16C43E85-FCD9-4C27-9D0F-FDBD6C6BE11C", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:6.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "79BE6199-BDF4-492F-AD3F-8F228B3333D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AD60C3BF-BFA2-48DE-BFF8-862BEB55DC02", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F59FE641-F8C2-4499-A68F-4C7B67446B5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BCB7BC6-8B20-4BA0-A228-FFA64B9D2679", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "A5F0B2E0-74A3-40B7-AF4E-547401ABF7A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "58A59BCD-74B9-4E7F-A79A-293E75ED1457", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D6AFCD42-008D-47C3-B91F-CDBF753B4DBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F5318A0-2F46-483C-B4C1-DE5E78E2B206", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A5203E03-7810-4FBD-BC29-85D4FC0C44F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C6A978E8-6F27-4FAA-9B1C-EAD110F3A626", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "ADB831B3-D03A-4597-9DA0-0C1101751A73", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "12E0046D-0F36-4882-BF2E-0C54A6DAF3E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:7.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "B6628764-234B-4B2F-BB96-BC502781D900", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "534C2A48-DC12-41D1-A848-5826D8D00A4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "33E40169-02AC-4F18-B085-58B16073CDF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "31F92171-ACF9-49F7-88FA-662FE6EC05E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B8C4E23C-34D9-4655-9FEF-E99D94BFCBCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C585DB99-2778-473C-9D20-5B707C12E961", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "B7888DF8-A12C-4583-A4A1-8FD77F258BBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "39616720-7128-4364-A376-4F272DE6052E", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D109C95C-E55B-4E26-818D-1F6A5EF879FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:8.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23876D5-6BD5-446A-A8B8-EFF5293E2C97", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9142EEFA-753E-4CB2-97E0-644EF942E149", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:9.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "90B14DCB-3070-4A68-AE00-4004542739C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:email_server:9.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F0C3C5AF-13AE-482C-ACE8-8E9EA2A104E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "8BE0C1F2-E9EB-441F-BA29-26F8AE5CD53C", "versionEndIncluding": "9.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.105:*:*:*:*:*:*:*", "matchCriteriaId": "B825E8AC-E3E0-4D6F-AEB1-1C8571F42B84", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.110:*:*:*:*:*:*:*", "matchCriteriaId": "B629D1A8-4D8A-4814-B88F-D26DE0A8AD64", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.115:*:*:*:*:*:*:*", "matchCriteriaId": "626E5CBB-A953-4D6C-9AA3-BD8FC44AC310", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.140:*:*:*:*:*:*:*", "matchCriteriaId": "B00D854B-D34B-41BD-9B28-573B0A66FF95", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.150:*:*:*:*:*:*:*", "matchCriteriaId": "FF300F62-E247-4A6F-89B1-F27CD22D2AFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.165:*:*:*:*:*:*:*", "matchCriteriaId": "BE9F5609-2C2B-4D57-974F-E4AA7A1354F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.170:*:*:*:*:*:*:*", "matchCriteriaId": "69EE8E28-E95B-48F9-87BF-9A6A713C614B", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.190:*:*:*:*:*:*:*", "matchCriteriaId": "60BE3477-86AF-4301-905C-B2D41347C95D", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.200:*:*:*:*:*:*:*", "matchCriteriaId": "23CED09C-9C1F-4E98-87E4-FF1AF3FDB3EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.210:*:*:*:*:*:*:*", "matchCriteriaId": "16A67BBF-D7D2-4780-BB52-6247B1C2BF12", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.220:*:*:*:*:*:*:*", "matchCriteriaId": "11F50DDD-14C5-430C-BA64-39DBF86C8195", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.240:*:*:*:*:*:*:*", "matchCriteriaId": "E48D0885-9A43-41CF-97F5-DEE654DEB4FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.250:*:*:*:*:*:*:*", "matchCriteriaId": "F36F5040-A148-4D41-AEDE-E2031FC0783A", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.260:*:*:*:*:*:*:*", "matchCriteriaId": "D3D444E7-8533-49C9-BEA5-95B1867D5B20", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.280:*:*:*:*:*:*:*", "matchCriteriaId": "AC9FE52B-976E-45D5-9F72-0DA02A549283", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.290:*:*:*:*:*:*:*", "matchCriteriaId": "E07F2597-CBEB-4CF4-853B-432C90A0E5F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.310:*:*:*:*:*:*:*", "matchCriteriaId": "000C3F0B-5083-4E2A-9C3B-A3BBD8F5FC78", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.320:*:*:*:*:*:*:*", "matchCriteriaId": "0C2E1F50-0C4F-49BD-837B-E0A6AA897F45", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.330:*:*:*:*:*:*:*", "matchCriteriaId": "2D7527FB-5E18-4E25-A344-6FF3AD48F440", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.331:*:*:*:*:*:*:*", "matchCriteriaId": "EA4C32D2-A4D3-4D1D-8C40-A19E71D2CD8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.340:*:*:*:*:*:*:*", "matchCriteriaId": "D96B83F5-78EF-46C7-AEF3-B07DC47AD36E", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.350:*:*:*:*:*:*:*", "matchCriteriaId": "3E812EF7-F33C-4A9E-B21C-9E713EAA5DAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:2.10.360:*:*:*:*:*:*:*", "matchCriteriaId": "3313DDB5-AB69-4FC6-B404-7161DFD42065", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:3.00.100:*:*:*:*:*:*:*", "matchCriteriaId": "AC5A2472-E80B-453E-AC87-61755089F816", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:3.00.110:*:*:*:*:*:*:*", "matchCriteriaId": "CBE775DD-1332-4DBD-B43E-82DEDF65EDBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:3.00.120:*:*:*:*:*:*:*", "matchCriteriaId": "81AACBDC-A27F-42E9-9503-BEAE6277C38E", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:3.00.130:*:*:*:*:*:*:*", "matchCriteriaId": "994FED3B-18B0-43CD-AF69-71363EB69A6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:3.00.140:*:*:*:*:*:*:*", "matchCriteriaId": "B8C1006A-9BA2-4E2E-934A-E6D84FE31F69", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:3.10.011:*:*:*:*:*:*:*", "matchCriteriaId": "251150DB-9F36-4024-83E5-CCB61788D591", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:3.10.110:*:*:*:*:*:*:*", "matchCriteriaId": "1E018C4E-3442-43DF-A62C-8EF32F582376", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:4.00.30:*:*:*:*:*:*:*", "matchCriteriaId": "D9E5C940-3411-4298-AF22-4E0CD0897068", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "40084349-0248-4DCA-84FF-BAFC61913B21", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "6E67D777-B1EE-467C-A9F6-3FE3AC602BAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "DA9BA513-7DFF-4DA5-A850-1932332AB713", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "68B44F9B-36F5-42A5-8007-F4437C5956FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D9460D-8004-4C48-8435-5BB55E18407F", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:4.10.040:*:*:*:*:*:*:*", "matchCriteriaId": "1D37D32E-49FF-48AE-AB1D-5F83FB4ABC1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:4.10.050:*:*:*:*:*:*:*", "matchCriteriaId": "549C6763-6BAC-418D-801E-BA219BA84306", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "78C15656-8A36-446F-B72E-B5D8D02118C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "A1F6586C-A227-4ABA-BBCD-7608BC3AE986", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "35887E35-7075-4DA7-9DA0-43784E83E523", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C96A0CF4-4646-42C2-A2D1-D143307AA075", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "4587B57E-E5CF-46F7-914C-3E3FF62ABF33", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8F92BC1B-439E-497E-AE9A-0962C665EA34", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "2245DA60-68D3-4FF0-9E22-EE469BFDCA51", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "EF984C80-8F2A-444E-8176-AF4207659443", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "998D7471-D097-40FF-9749-D1F1F540676C", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "B349E3F2-5D93-4448-B901-5A51682A095D", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "426A5CA3-5AF9-409F-8CC5-8B012F9B4D88", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "CB35A154-98E1-4EF7-9B5A-1691023E69AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "C34887E6-AB33-48C1-BD0A-015C141498C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "A3CDBBC7-EEF8-40A4-B32D-528370E85361", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "2E324B02-9C59-44D8-AC8A-899130501C36", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "144BFD52-D569-42B1-BBBA-BA6F3B41C0D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "C8D3B6E6-8B47-4790-9293-254A446256AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "4F0899F9-F7FC-459A-BF39-A2590F4C948A", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "D1571098-025D-4F9E-9F5B-8CF4E47CB0A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "8BC9A8D1-95F8-41F1-B282-548B654AC024", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:5.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "15A7C86B-1F63-492E-BDBF-3AD1F27F3ECC", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "FAF58F47-FBA0-472F-84B2-37C40AE9F11E", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "2D208182-D571-4756-953B-84647B7C30DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "ADC5EF5A-FB10-4362-BF83-F2D399677C3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:6.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1E6375DB-EAD9-40DB-ABC8-9ED47937335C", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1465311E-9F28-4D02-87A1-8262F0E91363", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "6B4565A0-4CB2-4BB8-8747-88C2E1DB04BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8111EB25-993B-40D4-9A3F-B0A379FF2544", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "A3932C58-3E6B-4CE8-AD86-5258C657B9E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "4E884468-C200-4994-8073-A06145DD32EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFA8B9FC-58C3-4CDB-B3C9-DCE3FC6DD071", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "44F1065B-3CCB-4690-9623-948AE5480388", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "5A195789-BE60-41D0-A09F-297C481E1741", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "99EA6D4D-4818-4B90-A431-F5DB4AEEAC84", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "E4BC60DE-9C65-48C8-B9F9-CBB99D6E6EA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D72538A-63D7-4714-819F-D84E23A477C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:7.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "C48479D4-85A4-471C-BBE3-95EC7ED42551", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "17670892-BDEB-435D-92A8-4D362FB48235", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F0233108-DAE6-42A5-B525-6D8F91298183", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0FCFDA77-070C-42E6-897C-DB4CA6FDD0E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5090C955-3E5A-4CDF-A2B2-EF5A181BE4FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "33D199BC-D664-48A8-8D0C-5496C5DFF8ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "0E6327BC-34F7-46E9-ABB3-9FA8B9C5F684", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "D93FD709-6918-4F00-8C90-416F0E4208DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "91A9179B-25BD-4AF6-9ED1-1C0B4439A726", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:8.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E7A7D8F-0669-42D0-A7F8-447E05EB5F62", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "88A2049F-CAEC-47A5-9C22-0295B08CAA51", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:9.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F7DF0BF3-2284-488D-8C62-DB9766445556", "vulnerable": true}, {"criteria": "cpe:2.3:a:icewarp:webmail_server:9.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "00B1AF41-963E-470C-9EC3-4ECD49EB1BC7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote attackers to inject arbitrary web script or HTML via (1) the body of a message, related to the email view and incorrect HTML filtering in the cleanHTML function in server/inc/tools.php; or the (2) title, (3) link, or (4) description element in an RSS feed, related to the getHTML function in server/inc/rss/item.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en IceWarp eMail Server y WebMail Server anteriores a v9.4.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria a trav\u00e9s de (1) el cuerpo del mensaje, relacionado con la vista del correo electr\u00f3nico y el incorrecto filtrado HTML en la funci\u00f3n \"cleanHTML\" en server/inc/tools.php; o (2) el titulo, (3) enlace o (4)el elemento descripci\u00f3n en un RSS, relacionado con la funci\u00f3n gerHTML en server/inc/rss/item.php."}], "id": "CVE-2009-1467", "lastModified": "2024-11-21T01:02:31.920", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-05-05T20:30:00.217", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/54226"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/54227"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-001"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-002"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/503225/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/503229/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/34825"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1022167"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1022168"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/1253"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50331"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/54226"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/54227"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-001"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-002"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/503225/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/503229/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34825"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022167"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022168"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1253"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50331"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}