Vulnerabilities > Synacor > Zimbra Collaboration Server

DATE CVE VULNERABILITY TITLE RISK
2020-01-27 CVE-2019-11318 Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server
Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS.
network
low complexity
synacor CWE-79
5.4
5.4
2020-01-27 CVE-2015-2249 Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server
Zimbra Collaboration before 8.6.0 patch5 has XSS.
network
low complexity
synacor CWE-79
5.4
5.4
2020-01-27 CVE-2014-8563 OS Command Injection vulnerability in Synacor Zimbra Collaboration Server
Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS.
network
low complexity
synacor CWE-78
critical
 9.8
9.8
2020-01-27 CVE-2014-5500 Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server
Synacor Zimbra Collaboration before 8.0.8 has XSS.
network
low complexity
synacor CWE-79
6.1
6.1
2019-05-30 CVE-2015-2230 Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Server
Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console.
network
low complexity
synacor CWE-79
6.1
6.1