Vulnerabilities

CVE-2025-14499 - IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability

2025-12-24 0 views admin

CVE ID : CVE-2025-14499 Published : Dec. 23, 2025, 10:15 p.m. | 41 minutes ago Description : IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of IceWarp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of a parameter passed to the gmaps webpage. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25441. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-14499

Severity

HIGH

Published

Dec. 23, 2025

Impact: Authentication Bypass

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-14499high

CVE-2025-14499 - IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15077 - itsourcecode Student Management System form137.php sql injection

CVE-2025-15078 - itsourcecode Student Management System list_report.php sql injection

CVE-2025-32095 - Pexip Infinity Signalling Denial of Service

CVE-2025-59683 - Pexip Infinity Improper Access Control Denial of Service

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting