IceWarp Mail Server through 10.4.4 can easily generate local file inclusion vulnerabilities by traversing the webmail/calendar/minimizer/index.php?style
directory .
Successful exploitation allows remote attackers to perform unintended actions such as information disclosure, database access, etc.
Our recommendation is to update IceWarp Mail Server to the latest version as soon as possible to patch the vulnerabilities.