exploitDog

GHSA-m3p6-3gv6-4226

Опубликовано: 17 дек. 2021

Источник: github

Github: Не прошло ревью

Описание

A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection.

A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection.

Ссылки

EPSS

Процентиль: 78%

0.01158

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-18984

CVSS3: 6.1

nvd

около 4 лет назад

A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection.

EPSS

Процентиль: 78%

0.01158

Низкий

CVE ID

Дефекты

CWE-79