Vulnerabilities > Zimbra
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-22 | CVE-2024-45518 | Server-Side Request Forgery (SSRF) vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. | 8.8 |
| 2024-10-02 | CVE-2024-45519 | Unspecified vulnerability in Zimbra Collaboration The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. | 9.8 |
| 2024-08-12 | CVE-2024-27442 | Improper Handling of Exceptional Conditions vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 7.8 |
| 2024-08-12 | CVE-2024-27443 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 6.1 |
| 2024-08-12 | CVE-2024-33533 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2. | 5.4 |
| 2024-08-12 | CVE-2024-33535 | Path Traversal vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 7.5 |
| 2024-08-12 | CVE-2024-33536 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 5.4 |
| 2024-02-13 | CVE-2023-50808 | Cross-site Scripting vulnerability in Zimbra Collaboration Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI. | 6.1 |
| 2024-02-13 | CVE-2023-26562 | Missing Authorization vulnerability in Zimbra Collaboration 8.8.15/9.0.0 In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp. | 6.5 |
| 2024-02-13 | CVE-2023-45206 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. | 6.1 |