Icewarp Icewarp Mail Server

3 CVEs affecting Icewarp Icewarp Mail Server. Latest disclosed: 2025-05-16. Critical: 0, High: 0.

Top CVEs affecting Icewarp Icewarp Mail Server
CVESeverityScorePublishedSummary
CVE-2025-40632Medium6.12025-05-16Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicio…
CVE-2025-40631Medium6.12025-05-16HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a payload, arbitrary JavaScri…
CVE-2025-40630Medium6.12025-05-16Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sendi…