.. / CVE-2023-37728

Exploit for IceWarp Webmail Server v10.2.1 - Cross Site Scripting (CVE-2023-37728)

Description:

Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.

Nuclei Template

View the template here CVE-2023-37728.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-37728.yaml
Copy

References:

http://icearp.com
https://medium.com/@ayush.engr29/cve-2023-37728-6dfb7586311
https://medium.com/%40ayush.engr29/cve-2023-37728-6dfb7586311
https://nvd.nist.gov/vuln/detail/CVE-2023-37728
http://icewarp.com