Vulnerability Database

312,921

Total vulnerabilities in the database

CVE-2006-2484

Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebMail 5.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter.

Published: May 19, 2006
Updated: Nov 9, 2025
CVE: CVE-2006-2484
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
icewarp / web_mail	4.1.5	4.1.5.x
icewarp / web_mail	3.5.0	3.5.0.x
icewarp / web_mail	3.4.1	3.4.1.x
icewarp / web_mail	3.3.1	3.3.1.x
icewarp / web_mail	5.2.7	5.2.7.x
icewarp / web_mail	5.2.8	5.2.8.x
icewarp / web_mail	3.4.2	3.4.2.x
icewarp / web_mail	1.40.00	1.40.00.x
icewarp / web_mail	1.40.10	1.40.10.x
icewarp / web_mail	3.5.1	3.5.1.x
icewarp / web_mail	3.1.4	3.1.4.x
icewarp / web_mail	5.3.1	5.3.1.x
icewarp / web_mail	5.4	5.4.x
icewarp / web_mail	5.5.1	5.5.1.x
icewarp / web_mail	4.1.4	4.1.4.x
icewarp / web_mail	5.3.2	5.3.2.x
icewarp / web_mail	3.3.2	3.3.2.x
icewarp / web_mail	5.3	5.3.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo