The SpiderLabs team at Trustwave published two new advisories today which detail issues discovered in the IceWarp Mail Server and Magnolia CMS. Both advisories were discovered by Piotr Karolak, a SpiderLabs Security Analyst.
The second advisory affects Magnolia CMS, an open source Content Management System. The bug Karolak discovered was another cross-site scripting vulnerability. Users of Magnolia CMS should upgrade to version v5.3.7 or the latest stable version.
For more information on either of these advisories please follow the links below.
Multiple Vulnerabilities in IceWarp Mail Server (TWSL2015-001)
Cross-Site Scripting in Magnolia CMS (TWSL2015-002)