In Zimbra Collaboration Suite (ZCS) 8.8.15, the URL at /h/search?action accepts parameters called extra, title, and onload that are partially sanitised and lead to reflected XSS that allows executing arbitrary JavaScript on the victim’s machine.
CPE | Name | Operator | Version |
---|---|---|---|
collaboration | eq | 8.8.15 |