Lucene search

MitreCVELIST:CVE-2023-34192

HistoryJul 06, 2023 - 12:00 a.m.

CVE-2023-34192

2023-07-0600:00:00

mitre

www.cve.org

zimbra

xss

vulnerability

remote attacker

code execution

AI Score

8.8

Confidence

High

EPSS

0.463

Percentile

97.5%

JSON

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.

References

wiki.zimbra.com/wiki/Security_Center

wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

wiki.zimbra.com/wiki/Zimbra_Security_Advisories