3 matches found
CVE-2022-41350
In Zimbra Collaboration Suite ZCS 8.8.15, /h/search?action=voicemail=listen accepts a phone parameter that is vulnerable to Reflected XSS. This allows executing arbitrary JavaScript on the victim's machine...
CVE-2022-41350
CVE-2022-41350 affects Zimbra Collaboration Suite (ZCS) 8.8.15. The vulnerability is a Reflected XSS in the /h/search?action=voicemail&action=listen endpoint where the phone parameter is not properly sanitized, allowing execution of arbitrary JavaScript on the victim’s machine. Public documents c...
CVE-2022-41350
In Zimbra Collaboration Suite ZCS 8.8.15, /h/search?action=voicemail&action=listen accepts a phone parameter that is vulnerable to Reflected XSS. This allows executing arbitrary JavaScript on the victim's machine...