Описание
An issue was discovered in Zimbra Collaboration (ZCS) before 10.0.4. An XSS issue can be exploited to access the mailbox of an authenticated user. This is also fixed in 8.8.15 Patch 43 and 9.0.0 Patch 36.
Уязвимые конфигурации
Конфигурация 1Версия до 8.8.15 (исключая)Версия от 10.0.0 (включая) до 10.0.4 (исключая)
Одно из
cpe:2.3:a:zimbra:collaboration:*:*:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:*:*:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p1:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p10:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p11:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p12:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p13:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p14:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p15:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p16:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p17:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p18:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p19:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p2:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p20:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p21:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p22:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p23:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p24:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p25:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p26:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p27:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p28:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p29:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p3:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p30:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p31:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p32:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p33:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p34:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p35:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p37:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p4:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p40:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p41:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p42:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p5:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p6:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p7:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p8:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:8.8.15:p9:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p0:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p1:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p10:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p11:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p12:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p13:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p14:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p15:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p16:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p19:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p2:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p20:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p21:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p23:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p24:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p24.1:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p25:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p26:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p27:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p3:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p33:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p34:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p35:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p4:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p5:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p6:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p7:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p7.1:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p8:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:p9:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00481
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
около 2 лет назад
An issue was discovered in Zimbra Collaboration (ZCS) before 10.0.4. An XSS issue can be exploited to access the mailbox of an authenticated user. This is also fixed in 8.8.15 Patch 43 and 9.0.0 Patch 36.
EPSS
Процентиль: 65%
0.00481
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79