Advisory: IceWarp: Cross-Site Scripting in Notes
During a penetration test, RedTeam Pentesting discovered that the
IceWarp WebMail Server is prone to cross-site scripting attacks in notes
for objects If attackers with access to the IceWarp system provide a
manipulated object that is displayed by users, they can run arbitrary
JavaScript code in th ...