Gravité: : Critique
  Date du conseil: 21 juillet 2015

  Description

IceWarp Mail Server is prone to multiple cross-site scripting vulnerabilities and an XML external entity injection vulnerability. Attackers may exploit these issues to execute arbitrary script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials and obtain potentially sensitive information from local files; other attacks are also possible.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1000552