Vulnerabilities > Zimbra

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-02	CVE-2017-20188	Cross-site Scripting vulnerability in Zimbra Zm-Ajax A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic. network high complexity zimbra CWE-79	4.7
2023-12-07	CVE-2023-43102	Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) before 10.0.4. network low complexity zimbra CWE-79	6.1
2023-12-07	CVE-2023-43103	Cross-site Scripting vulnerability in Zimbra Collaboration An XSS issue was discovered in a web endpoint in Zimbra Collaboration (ZCS) before 10.0.4 via an unsanitized parameter. network low complexity zimbra CWE-79	6.1
2023-12-07	CVE-2023-41106	Unspecified vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) before 10.0.3. network low complexity zimbra	7.5
2023-07-31	CVE-2023-37580	Cross-site Scripting vulnerability in Zimbra Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client. network low complexity zimbra CWE-79	6.1
2023-07-31	CVE-2023-38750	Unspecified vulnerability in Zimbra In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2, internal JSP and XML files can be exposed. network low complexity zimbra	7.5
2023-07-06	CVE-2023-29381	Unspecified vulnerability in Zimbra Collaboration 8.8.15/9.0.0 An issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate privileges and obtain sensitive information via the password and 2FA parameters. network low complexity zimbra critical	9.8
2023-07-06	CVE-2023-29382	Unspecified vulnerability in Zimbra Collaboration 8.8.15/9.0.0 An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component. network low complexity zimbra critical	9.8
2023-07-06	CVE-2023-34192	Cross-site Scripting vulnerability in Zimbra Collaboration 8.8.15 Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function. network low complexity zimbra CWE-79 critical	9.0
2023-07-06	CVE-2023-34193	Unrestricted Upload of File with Dangerous Type vulnerability in Zimbra Collaboration 8.8.15 File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function. network low complexity zimbra CWE-434	8.8

Vulnerabilities > Zimbra {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zimbra"}]}

Vulnerabilities > Zimbra