Vulnerabilities > Zimbra > Zimbra > 8.8.12

DATE CVE VULNERABILITY TITLE RISK
2024-11-22 CVE-2024-9665 Cross-Site Request Forgery (CSRF) vulnerability in Zimbra
Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability.
network
low complexity
zimbra CWE-352
6.5
2023-07-31 CVE-2023-37580 Cross-site Scripting vulnerability in Zimbra
Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client.
network
low complexity
zimbra CWE-79
6.1
2023-07-31 CVE-2023-38750 Unspecified vulnerability in Zimbra
In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2, internal JSP and XML files can be exposed.
network
low complexity
zimbra
7.5