CVE-2020-8512

MEDIUM NUCLEI

IceWarp Webmail Server <11.4.4.1 - XSS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-8512. PoCs published by Lutfu Mert Ceylan. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates a reflective XSS vulnerability in IceWarp WebMail 11.4.4.1 and earlier versions via the 'color' parameter. The PoC shows how an attacker can inject malicious JavaScript code into the URL, which executes when a user visits the crafted link.

Description

In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.

Exploits (1)

exploitdb WORKING POC
by Lutfu Mert Ceylan · textwebappsphp
https://www.exploit-db.com/exploits/47988

This exploit demonstrates a reflective XSS vulnerability in IceWarp WebMail 11.4.4.1 and earlier versions via the 'color' parameter. The PoC shows how an attacker can inject malicious JavaScript code into the URL, which executes when a user visits the crafted link.

Classification
Working Poc 100%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IceWarp WebMail 11.4.4.1 and before
No auth needed
Prerequisites: Access to the target's WebMail login page · User interaction to visit the crafted URL
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting
MEDIUMby pdteam,dwisiswant0
Shodan: title:"icewarp" || http.title:"icewarp"
FOFA: title="icewarp"

References (3)

Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
https://cxsecurity.com/issue/WLB-2020010205

Scores

CVSS v3 6.1
EPSS 0.1483
EPSS Percentile 96.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
icewarp/icewarp_server < 11.4.4.1
Published Feb 01, 2020
Tracked Since Feb 18, 2026