Lucene search
+L

7 matches found

hivepro
hivepro
added 2023/04/05 10:9 a.m.31 views

Winter Vivern APT targets EU with Zimbra flaw

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Winter Vivern abuses CVE-2022-27926 to attack public Zimbra webmail portals of government entities. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

4.3CVSS6.4AI score0.17634EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/03/31 2:7 p.m.49 views

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

The advanced persistent threat APT actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals tha...

6.1CVSS7AI score0.17634EPSS
Exploits0
Circl
Circl
added 2023/03/30 1:10 p.m.12 views

CVE-2022-27926

creationtimestamp| type| source ---|---|--- 2023-03-30 13:10:31+00:00| seen| MISP/f6514ab9-c7ca-4a21-a3c5-8cffbc6e32db 2023-06-14 21:10:04+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-02-29 13:50:13+00:00| seen| MISP/0f810383-867c-42c6-ba59-2c5e4cfacbce 2024-12-24 20:34:05+00:00|...

6.1CVSS6.6AI score0.17634EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2023/03/30 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-27926

Synacor Zimbra Collaboration Suite ZCS contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing...

6.1CVSS6.5AI score0.17634EPSS
Exploits0References1
CVE
CVE
added 2022/04/20 11:23 p.m.587 views

CVE-2022-27926

Zimbra Collaboration (ZCS) 9.0 is affected by a reflected XSS in /public/launchNewWindow.jsp that allows unauthenticated attackers to execute arbitrary script or HTML via request parameters. The issue is confirmed across multiple sources (NVD/Nuclei/CISA KEV/CNVD) with the impact described as cli...

6.1CVSS6AI score0.17634EPSS
In wildExploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/20 11:23 p.m.8 views

CVE-2022-27926

A reflected cross-site scripting XSS vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration aka ZCS 9.0 allows unauthenticated attackers to execute arbitrary web script or HTML via request parameters...

6.1AI score0.17634EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/04/20 11:23 p.m.26 views

CVE-2022-27926

A reflected cross-site scripting XSS vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration aka ZCS 9.0 allows unauthenticated attackers to execute arbitrary web script or HTML via request parameters...

6.4AI score0.17634EPSS
Exploits0References3
Rows per page
Query Builder