49 matches found
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
CVE-2026-33370
CVE-2026-33370 : In Zimbra Collaboration (ZCS) 10.0 and 10.1, the Briefcase feature is affected by a stored XSS due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious scripts, the embedded JavaScript can execute in...
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
PT-2026-26614
Name of the Vulnerable Software and Affected Versions Zimbra Collaboration ZCS versions 10.0 and 10.1 Description A stored cross-site scripting XSS issue exists in the Zimbra Briefcase feature because of inadequate sanitization of certain uploaded file types. When a user opens a publicly shared...
The vulnerability of the Briefcase Module component in the Zimbra Collaboration Suite email management system allows a attacker to perform XSS attacks.
The vulnerability of the Briefcase Module component in the Zimbra Collaboration Suite email management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the Briefcase module in the Zimbra Collaboration Suite email management system allows a attacker to perform XSS attacks.
The vulnerability of the Briefcase module in the Zimbra Collaboration Suite email management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2024-45512
An issue was discovered in webmail in Zimbra Collaboration ZCS through 10.1. An attacker can exploit this vulnerability by creating a folder in the Briefcase module with a malicious payload and sharing it with a victim. When the victim interacts with the folder share notification, the malicious...
Zimbra Collaboration Server 10.0 < 10.0.9, 10.1.0 < 10.1.1 XSS
An issue was discovered in Zimbra Collaboration ZCS through 10.1. A reflected Cross-Site Scripting XSS issue exists through the Briefcase module due to improper sanitization of file content by the OnlyOffice formatter. This occurs when the victim opens a crafted URL pointing to a shared folder...
CVE-2024-45511
CVE-2024-45511 affects Zimbra Collaboration (ZCS) up to 10.1, via the Briefcase module. The root cause is improper sanitization of file contents by the OnlyOffice formatter, allowing a crafted URL to a shared folder containing a malicious file to execute arbitrary JavaScript in the victim’s sessi...
PT-2024-8655 · Zimbra · Zimbra Collaboration
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions through 10.1 Description: A reflected Cross-Site Scripting XSS issue exists in the Briefcase module due to improper sanitization of file content by the OnlyOffice formatter. This occurs when the victim opens ...
PT-2024-10389 · Zimbra · Zimbra Collaboration Suite
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite ZCS versions through 10.1 Description: The issue exists due to inadequate protection of the web page structure in the Briefcase Module of the Zimbra Collaboration Suite ZCS. An attacker can exploit this by creating ...
Zimbra Web Client (ZWC) Cross-Site Scripting Vulnerability
Zimbra Collaboration Suite ZCS is an open source collaboration suite from the American company Zimbra. The product includes WebMail, Calendar, Address Book, etc. Zimbra Web Client ZWC is one of the e-mail client program. A cross-site scripting vulnerability exists in the briefcase component of ZW...
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability
Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID VL-ID:...
GS Foto Uebertraege 3.0 Local File Inclusion
Document Title: =============== GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1325 Release Date: ============= 2014-09-22 Vulnerability Laboratory ID VL-ID: ====================================...
GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability
Document Title: =============== GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1325 Release Date: ============= 2014-09-22 Vulnerability Laboratory ID VL-ID: ====================================...
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability
No description provided by source. Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID...
Briefcase 4.0 iOS - Code Execution File Inclusion
Briefcase 4.0 iOS - Code Execution File Inclusion Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability...
Briefcase 4.0 iOS - Code Execution / File Inclusion
Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID VL-ID:...
CVE-2012-1528
Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows...