VYPR
Unrated severityNVD Advisory· Published May 16, 2025· Updated May 16, 2025

Open redirection vulnerability in IceWarp Mail Server

CVE-2025-40630

Description

Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example “ https://icewarp.domain.com//<MALICIOUS_DOMAIN>/%2e%2e” https://icewarp.domain.com///%2e%2e” . This vulnerability has been tested in Firefox.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IceWarp/Serverllm-fuzzy2 versions
    = 11.4.0+ 1 more
    • (no CPE)range: = 11.4.0
    • (no CPE)range: 11.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.