Show filters
64 Total Results
Displaying 11-20 of 64
Sort by:
Attacker Value
Unknown

CVE-2020-8633

Disclosure Date: February 18, 2020 (last updated February 21, 2025)
An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-7796

Disclosure Date: February 18, 2020 (last updated February 21, 2025)
Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2013-1938

Disclosure Date: February 12, 2020 (last updated February 21, 2025)
Zimbra 2013 has XSS in aspell.php
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2015-2249

Disclosure Date: January 27, 2020 (last updated February 21, 2025)
Zimbra Collaboration before 8.6.0 patch5 has XSS.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2014-8563

Disclosure Date: January 27, 2020 (last updated February 21, 2025)
Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2014-5500

Disclosure Date: January 27, 2020 (last updated February 21, 2025)
Synacor Zimbra Collaboration before 8.0.8 has XSS.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-11318

Disclosure Date: August 14, 2019 (last updated February 21, 2025)
Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2015-2230

Disclosure Date: May 30, 2019 (last updated November 27, 2024)
Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2015-7609

Disclosure Date: May 30, 2019 (last updated November 27, 2024)
Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra.
0
0
Attacker Value
Unknown

CVE-2018-14425

Disclosure Date: May 30, 2019 (last updated November 27, 2024)
There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1.
0
0
View More Topics  < Previous  Next >