Lucene search
HistoryJul 06, 2023 - 4:15 p.m.
CVE-2023-34192
cve-2023-34192
cross site scripting
zimbra zcs
v.8.8.15
remote attacker
arbitrary code
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.424 Medium
EPSS
Percentile
97.3%
Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.
Affected configurations
Node
zimbracollaborationMatch8.8.15-
ORzimbracollaborationMatch8.8.15p1
ORzimbracollaborationMatch8.8.15p10
ORzimbracollaborationMatch8.8.15p11
ORzimbracollaborationMatch8.8.15p12
ORzimbracollaborationMatch8.8.15p13
ORzimbracollaborationMatch8.8.15p14
ORzimbracollaborationMatch8.8.15p15
ORzimbracollaborationMatch8.8.15p16
ORzimbracollaborationMatch8.8.15p17
ORzimbracollaborationMatch8.8.15p18
ORzimbracollaborationMatch8.8.15p19
ORzimbracollaborationMatch8.8.15p2
ORzimbracollaborationMatch8.8.15p20
ORzimbracollaborationMatch8.8.15p21
ORzimbracollaborationMatch8.8.15p22
ORzimbracollaborationMatch8.8.15p23
ORzimbracollaborationMatch8.8.15p24
ORzimbracollaborationMatch8.8.15p25
ORzimbracollaborationMatch8.8.15p26
ORzimbracollaborationMatch8.8.15p27
ORzimbracollaborationMatch8.8.15p28
ORzimbracollaborationMatch8.8.15p29
ORzimbracollaborationMatch8.8.15p3
ORzimbracollaborationMatch8.8.15p30
ORzimbracollaborationMatch8.8.15p31
ORzimbracollaborationMatch8.8.15p32
ORzimbracollaborationMatch8.8.15p33
ORzimbracollaborationMatch8.8.15p34
ORzimbracollaborationMatch8.8.15p35
ORzimbracollaborationMatch8.8.15p37
ORzimbracollaborationMatch8.8.15p4
ORzimbracollaborationMatch8.8.15p5
ORzimbracollaborationMatch8.8.15p6
ORzimbracollaborationMatch8.8.15p7
ORzimbracollaborationMatch8.8.15p8
ORzimbracollaborationMatch8.8.15p9
| CPE | Name | Operator | Version |
|---|---|---|---|
| zimbra:collaboration | zimbra collaboration | eq | 8.8.15 |
Related
prion
prion
Cross site scripting
2023-07-06 16:15:00
nuclei
nuclei
Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting
2023-07-20 18:27:03
cvelist
cvelist
CVE-2023-34192
2023-07-06 00:00:00
osv
osv
CVE-2023-34192
2023-07-06 16:15:10
nvd
nvd
CVE-2023-34192
2023-07-06 16:15:10
nessus
nessus
Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 40 Multiple Vulnerabilities
2023-07-20 00:00:00
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.424 Medium
EPSS
Percentile
97.3%
Related for CVE-2023-34192