Vulnerabilities > Zimbra > Collaboration > 9.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-05 | CVE-2022-45912 | Unrestricted Upload of File with Dangerous Type vulnerability in Zimbra Collaboration 8.8.15/9.0.0 An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. | 7.2 |
| 2022-10-12 | CVE-2022-41348 | Cross-site Scripting vulnerability in Zimbra Collaboration 9.0.0 An issue was discovered in Zimbra Collaboration (ZCS) 9.0. | 6.1 |
| 2022-09-26 | CVE-2022-41347 | Unspecified vulnerability in Zimbra Collaboration 8.8.15/9.0.0 An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). | 7.8 |
| 2022-09-26 | CVE-2022-41352 | Path Traversal vulnerability in Zimbra Collaboration 8.8.15/9.0.0 An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. | 9.8 |
| 2022-08-12 | CVE-2022-37042 | Path Traversal vulnerability in Zimbra Collaboration 8.8.15/9.0.0 Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. | 9.8 |
| 2022-04-21 | CVE-2022-27924 | Injection vulnerability in Zimbra Collaboration 8.8.15/9.0.0 Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. | 5.0 |
| 2022-04-21 | CVE-2022-27925 | Path Traversal vulnerability in Zimbra Collaboration 8.8.15/9.0.0 Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. | 7.2 |
| 2022-04-21 | CVE-2022-27926 | Unspecified vulnerability in Zimbra Collaboration 9.0.0 A reflected cross-site scripting (XSS) vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration (aka ZCS) 9.0 allows unauthenticated attackers to execute arbitrary web script or HTML via request parameters. | 6.1 |
| 2021-07-02 | CVE-2021-34807 | Open Redirect vulnerability in Zimbra Collaboration An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. | 5.8 |
| 2021-07-02 | CVE-2021-35207 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.0 before 9.0.0 Patch 16. | 4.3 |