14 matches found
Zimbra Collaboration Suite Security Vulnerability
Zimbra Collaboration Suite ZCS is an open source collaboration suite from Zimbra in the United States. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration ZCS versions 8.8.15, 9.0, and 10.0. An attacker can exploit the vulnerabili...
Zimbra Collaboration Suite Security Vulnerability
Zimbra Collaboration Suite ZCS is an open source collaboration suite from Zimbra in the United States. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration Suite versions 8.8.15, 9.0, and 10.0. An attacker exploited the vulnerabili...
Synacor Zimbra Security Vulnerability
Synacor Zimbra is an open source email collaboration platform from Synacor Inc. in the United States. A security vulnerability exists in Synacor Zimbra Collaboration ZCS versions 8.8.15, 9.0, and 10.0. An attacker can exploit the vulnerability to inject JavaScript or HTML code...
Vulnerabilities fixed in Zimbra
Vulnerabilities have been fixed in Zimbra. A malicious party could exploit vulnerabilities to gain access to system data, bypass a security measure, or launch a Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the context of the victim's victim's browser, or...
CVE-2023-29382
An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdcpreauth.jsp component...
PT-2023-22236 · Zimbra · Zimbra Collaboration
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions 8.8.15 through 9.0 Description: An issue in Zimbra Collaboration ZCS allows an attacker to execute arbitrary code via the sfdc preauth.jsp component. Recommendations: For versions 8.8.15 and 9.0, consider...
Zimbra Collaboration Suite 跨站脚本漏洞
Zimbra Collaboration Suite ZCS is an open source collaboration suite from Zimbra in the United States. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration Suite versions 9.0 and 8.8.15, which stems from the presence of a cross-sit...
Zimbra Collaboration Suite 输入验证错误漏洞
Zimbra Collaboration Suite ZCS is an open source collaboration suite from Zimbra in the United States. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration Suite versions 9.0 and 8.8.15, which stems from the presence of an open...
PT-2023-2843 · Zimbra · Zimbra Collaboration Suite
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite versions 8.8.15 through 9.0 Description: An open redirect issue exists in the /preauth Servlet, allowing an attacker to redirect a user to any URL if URL sanitization is bypassed in incoming requests. To exploit thi...
PT-2022-27681 · Zimbra · Zimbra Collaboration
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions 8.8.15 through 9.0 Description: An issue was discovered in Zimbra Collaboration, allowing remote code execution through the ClientUploader utility by an authenticated admin user. The admin user can upload fil...
Zimbra Collaboration Suite 代码问题漏洞
Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A code issue vulnerability exists in Zimbra Collaboration Suite ZCS version 8.8.15, 9.0, which stems from the value of the X-Forwarded-Host header...
PT-2022-4241
Name of the Vulnerable Software and Affected Versions Zimbra Collaboration Suite ZCS versions 8.8.15 through 9.0 Description The mboximport functionality in Zimbra Collaboration Suite ZCS has an authentication bypass issue, allowing an attacker to upload arbitrary files to the system without an...
Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability
Synacor Zimbra Collaboration Suite ZCS contains a cross-site scripting XSS vulnerability in the Calendar feature that allows an attacker to execute arbitrary code...
UBUNTU-CVE-2021-45101
An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access to an HTCondor SchedD or Collector daemon can discover secrets that could allow them to control other users' jobs and/or read their data...