MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote malicious users to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the path in an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
icewarp web mail 5.5.1 |
||
merak mail server 8.2.4r |