IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.
View the template here CVE-2023-39600.yaml
References:
https://medium.com/@katikitala.sushmitha078/cross-site-scripting-reflected-xss-in-icewarp-server-cve-2023-39600-310a7e1c8817