3 matches found
CVE-2022-37044
creationtimestamp| type| source ---|---|--- 2022-08-12 18:39:36+00:00| seen| https://t.me/cibsecurity/48050...
CVE-2022-37044
In Zimbra Collaboration Suite ZCS 8.8.15, the URL at /h/search?action accepts parameters called extra, title, and onload that are partially sanitised and lead to reflected XSS that allows executing arbitrary JavaScript on the victim's machine...
CVE-2022-37044
Affected software: Zimbra Collaboration Suite (ZCS) 8.8.15. Vulnerability: Reflected XSS in the /h/search?action endpoint, where parameters extra, title, and onload are partially sanitized. This can allow execution of arbitrary JavaScript in the victim’s browser. Impact: Client-side script execut...