Vulnerabilities > Synacor > Zimbra Collaboration Suite > 8.8.8

DATE CVE VULNERABILITY TITLE RISK
2019-05-29 CVE-2018-18631 Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite
mailboxd component in Synacor Zimbra Collaboration Suite 8.6, 8.7 before 8.7.11 Patch 7, and 8.8 before 8.8.10 Patch 2 has Persistent XSS.
network
synacor CWE-79
4.3
4.3
2019-05-29 CVE-2018-14013 Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients.
network
synacor CWE-79
4.3
4.3
2018-10-03 CVE-2018-17938 Insufficient Verification of Data Authenticity vulnerability in Synacor Zimbra Collaboration Suite
Zimbra Collaboration before 8.8.10 GA allows text content spoofing via a loginErrorCode value.
network
low complexity
synacor CWE-345
5.0
5.0
2018-05-30 CVE-2018-10939 Cross-site Scripting vulnerability in multiple products
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group. 		4.3
4.3