VYPR

MetaDefender ICAP Server

by OPSWAT

CVEs (2)

  • CVE-2022-32272Jun 9, 2022
    risk 0.05cvss epss 0.09

    OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.

  • CVE-2022-40778Sep 19, 2022
    risk 0.00cvss epss 0.00

    A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response.