6.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.0%
In Zimbra Collaboration Suite (ZCS) 8.8.15, at the URL /h/calendar, one can trigger XSS by adding JavaScript code to the view parameter and changing the value of the uncheck parameter to a string (instead of default value of 10).
wiki.zimbra.com/wiki/Security_Center
wiki.zimbra.com/wiki/Zimbra_Security_Advisories