Lucene search
+L

49 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/20 12:0 a.m.3 views

CVE-2026-33370

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...

5.8AI score0.00205EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/20 12:0 a.m.26 views

CVE-2026-33370

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...

0.00205EPSS
Exploits0References4
CVE
CVE
added 2026/03/20 12:0 a.m.12 views

CVE-2026-33370

CVE-2026-33370 : In Zimbra Collaboration (ZCS) 10.0 and 10.1, the Briefcase feature is affected by a stored XSS due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious scripts, the embedded JavaScript can execute in...

6.1CVSS5.8AI score0.00205EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/20 12:0 a.m.2 views

CVE-2026-33370

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...

6.1CVSS6.5AI score0.00205EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.6 views

PT-2026-26614

Name of the Vulnerable Software and Affected Versions Zimbra Collaboration ZCS versions 10.0 and 10.1 Description A stored cross-site scripting XSS issue exists in the Zimbra Briefcase feature because of inadequate sanitization of certain uploaded file types. When a user opens a publicly shared...

6.4CVSS6.6AI score0.00205EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2025/01/30 12:0 a.m.9 views

The vulnerability of the Briefcase Module component in the Zimbra Collaboration Suite email management system allows a attacker to perform XSS attacks.

The vulnerability of the Briefcase Module component in the Zimbra Collaboration Suite email management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

5.5CVSS5.4AI score0.00392EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.7 views

The vulnerability of the Briefcase module in the Zimbra Collaboration Suite email management system allows a attacker to perform XSS attacks.

The vulnerability of the Briefcase module in the Zimbra Collaboration Suite email management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

9.7CVSS5.4AI score0.00312EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/11/21 12:0 a.m.5 views

CVE-2024-45512

An issue was discovered in webmail in Zimbra Collaboration ZCS through 10.1. An attacker can exploit this vulnerability by creating a folder in the Briefcase module with a malicious payload and sharing it with a victim. When the victim interacts with the folder share notification, the malicious...

5.4CVSS5.6AI score0.00392EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/11/21 12:0 a.m.7 views

Zimbra Collaboration Server 10.0 < 10.0.9, 10.1.0 < 10.1.1 XSS

An issue was discovered in Zimbra Collaboration ZCS through 10.1. A reflected Cross-Site Scripting XSS issue exists through the Briefcase module due to improper sanitization of file content by the OnlyOffice formatter. This occurs when the victim opens a crafted URL pointing to a shared folder...

5.4CVSS5.9AI score0.00312EPSS
Exploits0References5
CVE
CVE
added 2024/11/20 12:0 a.m.57 views

CVE-2024-45511

CVE-2024-45511 affects Zimbra Collaboration (ZCS) up to 10.1, via the Briefcase module. The root cause is improper sanitization of file contents by the OnlyOffice formatter, allowing a crafted URL to a shared folder containing a malicious file to execute arbitrary JavaScript in the victim’s sessi...

5.4CVSS6.2AI score0.00312EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/23 12:0 a.m.13 views

PT-2024-8655 · Zimbra · Zimbra Collaboration

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions through 10.1 Description: A reflected Cross-Site Scripting XSS issue exists in the Briefcase module due to improper sanitization of file content by the OnlyOffice formatter. This occurs when the victim opens ...

9.7CVSS5.4AI score0.00312EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2024/09/01 12:0 a.m.4 views

PT-2024-10389 · Zimbra · Zimbra Collaboration Suite

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite ZCS versions through 10.1 Description: The issue exists due to inadequate protection of the web page structure in the Briefcase Module of the Zimbra Collaboration Suite ZCS. An attacker can exploit this by creating ...

5.5CVSS5.2AI score0.00392EPSS
Exploits0References14
CNVD
CNVD
added 2019/05/31 12:0 a.m.5 views

Zimbra Web Client (ZWC) Cross-Site Scripting Vulnerability

Zimbra Collaboration Suite ZCS is an open source collaboration suite from the American company Zimbra. The product includes WebMail, Calendar, Address Book, etc. Zimbra Web Client ZWC is one of the e-mail client program. A cross-site scripting vulnerability exists in the briefcase component of ZW...

6.1CVSS6.3AI score0.00969EPSS
Exploits0References1
securityvulns
securityvulns
added 2014/09/29 12:0 a.m.38 views

Briefcase 4.0 iOS - Code Execution &amp; File Include Vulnerability

Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID VL-ID:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2014/09/26 12:0 a.m.35 views

GS Foto Uebertraege 3.0 Local File Inclusion

Document Title: =============== GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1325 Release Date: ============= 2014-09-22 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2014/09/22 12:0 a.m.29 views

GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability

Document Title: =============== GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1325 Release Date: ============= 2014-09-22 Vulnerability Laboratory ID VL-ID: ====================================...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2014/09/18 12:0 a.m.25 views

Briefcase 4.0 iOS - Code Execution &amp; File Include Vulnerability

No description provided by source. Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/09/15 12:0 a.m.28 views

Briefcase 4.0 iOS - Code Execution File Inclusion

Briefcase 4.0 iOS - Code Execution File Inclusion Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2014/09/15 12:0 a.m.38 views

Briefcase 4.0 iOS - Code Execution / File Inclusion

Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
NVD
NVD
added 2012/11/14 12:55 a.m.28 views

CVE-2012-1528

Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows...

9.3CVSS6.5AI score0.18163EPSS
Exploits0References5
Rows per page
Query Builder