Vulnerabilities > Zimbra
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-12-26 | CVE-2013-7217 | Security vulnerability in Zimbra Collaboration Server Unspecified vulnerability in Zimbra Collaboration Server 7.2.5 and earlier, and 8.0.x through 8.0.5, has "critical" impact and unspecified vectors, a different vulnerability than CVE-2013-7091. | 10.0 |
| 2013-12-13 | CVE-2013-7091 | Path Traversal vulnerability in Synacor Zimbra Collaboration Suite Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2013-09-23 | CVE-2013-5119 | Improper Authentication vulnerability in Synacor Zimbra Collaboration Suite Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows man-in-the-middle attackers to obtain access by sniffing the network and replaying the ZM_AUTH_TOKEN token. | 6.8 |
| 2012-02-24 | CVE-2012-1213 | Cross-Site Scripting vulnerability in Zimbra Cross-site scripting (XSS) vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite (ZCS) 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter. | 4.3 |
| 2008-03-10 | CVE-2008-1226 | Cross-Site Scripting vulnerability in Zimbra Collaboration Suite 4.0.3/4.5.6 Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration Suite (ZCS) 4.0.3, 4.5.6, and possibly other versions before 4.5.10 allow remote attackers to inject arbitrary web script or HTML via an e-mail attachment, possibly involving a (1) .jpg or (2) .gif image attachment. | 4.3 |