Vulnerabilities > Synacor
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-02 | CVE-2020-13653 | Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Suite An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. | 4.3 |
| 2020-06-03 | CVE-2020-12846 | Unrestricted Upload of File With Dangerous Type vulnerability in Synacor Zimbra Collaboration Suite Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. | 6.0 |
| 2020-02-18 | CVE-2020-8633 | Improper Preservation of Permissions vulnerability in Synacor Zimbra Collaboration Suite An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. | 5.0 |
| 2020-02-18 | CVE-2020-7796 | Server-Side Request Forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled. | 6.8 |
| 2020-01-27 | CVE-2019-11318 | Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Server Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS. | 3.5 |
| 2020-01-27 | CVE-2015-2249 | Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Server Zimbra Collaboration before 8.6.0 patch5 has XSS. | 3.5 |
| 2020-01-27 | CVE-2014-8563 | OS Command Injection vulnerability in Synacor Zimbra Collaboration Server Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS. | 7.5 |
| 2020-01-27 | CVE-2014-5500 | Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Server Synacor Zimbra Collaboration before 8.0.8 has XSS. | 4.3 |
| 2019-05-30 | CVE-2015-7609 | Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Suite 8.6.0 Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra. | 4.3 |
| 2019-05-30 | CVE-2015-2230 | Cross-Site Scripting vulnerability in Synacor Zimbra Collaboration Server Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console. | 4.3 |