3 matches found
CVE-2022-37041
creationtimestamp| type| source ---|---|--- 2022-08-12 18:39:48+00:00| seen| https://t.me/cibsecurity/48059...
CVE-2022-37041
An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite ZCS 8.8.15 and 9.0. The value of the X-Forwarded-Host header overwrites the value of the Host header in proxied requests. The value of X-Forwarded-Host header is not checked against the whitelist of...
CVE-2022-37041
CVE-2022-37041 affects Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. The issue is in ProxyServlet.java under the /proxy servlet where the X-Forwarded-Host header overwrites the Host header in proxied requests and is not checked against ZCS’s allowed proxy domains (zimbraProxyAllowedDomains). T...