Posted on

Icewarp Webclient 10.1.3/10.2.0 HTTP POST Request webmail/basic/ _dlg[captcha][action] Persistent cross site scripting

A vulnerability was found in Icewarp Webclient 10.1.3/10.2.0. It has been classified as problematic. Affected is some unknown functionality of the file webmail/basic/ of the component HTTP POST Request Handler. Upgrading to version 10.2.1 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.