Vulnerabilities > Zimbra > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-02 | CVE-2017-20188 | Cross-site Scripting vulnerability in Zimbra Zm-Ajax A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic. | 4.7 |
2023-12-07 | CVE-2023-43102 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) before 10.0.4. | 6.1 |
2023-12-07 | CVE-2023-43103 | Cross-site Scripting vulnerability in Zimbra Collaboration An XSS issue was discovered in a web endpoint in Zimbra Collaboration (ZCS) before 10.0.4 via an unsanitized parameter. | 6.1 |
2023-07-31 | CVE-2023-37580 | Cross-site Scripting vulnerability in Zimbra Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client. | 6.1 |
2023-06-15 | CVE-2023-24030 | Open Redirect vulnerability in Zimbra Collaboration 8.8.15/9.0.0 An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15. | 6.1 |
2023-06-15 | CVE-2023-24031 | Cross-site Scripting vulnerability in Zimbra Collaboration 9.0.0 An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 8.8.15. | 6.1 |
2023-01-06 | CVE-2022-45911 | Cross-site Scripting vulnerability in Zimbra Collaboration 9.0.0 An issue was discovered in Zimbra Collaboration (ZCS) 9.0. | 6.1 |
2023-01-06 | CVE-2022-45913 | Cross-site Scripting vulnerability in Zimbra Collaboration 8.8.15/9.0.0 An issue was discovered in Zimbra Collaboration (ZCS) 9.0. | 6.1 |
2022-10-12 | CVE-2022-41348 | Cross-site Scripting vulnerability in Zimbra Collaboration 9.0.0 An issue was discovered in Zimbra Collaboration (ZCS) 9.0. | 6.1 |
2022-10-12 | CVE-2022-41349 | Cross-site Scripting vulnerability in Zimbra Collaboration 8.8.15 In Zimbra Collaboration Suite (ZCS) 8.8.15, the URL at /h/compose accepts an attachUrl parameter that is vulnerable to Reflected XSS. | 6.1 |