IceWarp Merak Mail Server 'Forgot Password' Input Validation Vulnerability

IceWarp Merak Mail Server 'Forgot Password' Input Validation Vulnerability

IceWarp Merak Mail Server is prone to an input-validation vulnerability because it uses client-supplied data when performing a 'Forgot Password' function.

Attackers can exploit this issue via social-engineering techniques to obtain valid users' login credentials; other attacks may also be possible.