Vulnerabilities > Synacor > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-15 | CVE-2020-18984 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite 8.8.12 A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection. | 6.1 |
2021-12-15 | CVE-2020-18985 | Open Redirect vulnerability in Synacor Zimbra Collaboration Suite 8.8.12 An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers to redirect users to any arbitrary website of their choosing. | 6.1 |
2020-07-02 | CVE-2020-13653 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. | 6.1 |
2020-02-18 | CVE-2020-8633 | Improper Preservation of Permissions vulnerability in Synacor Zimbra Collaboration Suite An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. | 5.3 |
2020-01-27 | CVE-2019-11318 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS. | 5.4 |
2020-01-27 | CVE-2015-2249 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server Zimbra Collaboration before 8.6.0 patch5 has XSS. | 5.4 |
2020-01-27 | CVE-2014-5500 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server Synacor Zimbra Collaboration before 8.0.8 has XSS. | 6.1 |
2019-05-30 | CVE-2015-7609 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite 8.6.0 Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra. | 6.1 |
2019-05-30 | CVE-2015-2230 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console. | 6.1 |
2019-05-30 | CVE-2018-14425 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1. | 6.1 |