Vulnerabilities > Zimbra > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-12 CVE-2024-27443 Cross-site Scripting vulnerability in Zimbra Collaboration
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0.
network
low complexity
zimbra CWE-79
6.1
2024-08-12 CVE-2024-33533 Cross-site Scripting vulnerability in Zimbra Collaboration
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2.
network
low complexity
zimbra CWE-79
5.4
2024-08-12 CVE-2024-33536 Cross-site Scripting vulnerability in Zimbra Collaboration
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0.
network
low complexity
zimbra CWE-79
5.4
2024-02-13 CVE-2023-50808 Cross-site Scripting vulnerability in Zimbra Collaboration
Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI.
network
low complexity
zimbra CWE-79
6.1
2024-02-13 CVE-2023-26562 Missing Authorization vulnerability in Zimbra Collaboration 8.8.15/9.0.0
In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp.
network
low complexity
zimbra CWE-862
6.5
2024-02-13 CVE-2023-45206 Cross-site Scripting vulnerability in Zimbra Collaboration
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0.
network
low complexity
zimbra CWE-79
6.1
2024-02-13 CVE-2023-45207 Cross-site Scripting vulnerability in Zimbra Collaboration
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0.
network
low complexity
zimbra CWE-79
6.1
2024-02-13 CVE-2023-48432 Cross-site Scripting vulnerability in Zimbra Collaboration
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0.
network
low complexity
zimbra CWE-79
6.1
2024-01-02 CVE-2017-20188 Unspecified vulnerability in Zimbra Zm-Ajax
A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic.
network
high complexity
zimbra
4.7
2023-12-07 CVE-2023-43102 Cross-site Scripting vulnerability in Zimbra Collaboration
An issue was discovered in Zimbra Collaboration (ZCS) before 10.0.4.
network
low complexity
zimbra CWE-79
6.1