Lucene search
K

7 matches found

Wallarm Lab
Wallarm Lab
added 2023/11/21 3:59 p.m.47 views

Unpacking the Zimbra Cross-Site Scripting Vulnerability (CVE-2023-37580)

Insights and Protections On November 16, 2023, a significant security concern was published by Google's Threat Analysis Group TAG. They revealed an alarming vulnerability in Zimbra Collaboration, a widely-used email hosting tool for organizations. This vulnerability, designated with an identifier...

5.8CVSS6.1AI score0.59041EPSS
Exploits0
hivepro
hivepro
added 2023/11/20 4:51 a.m.52 views

Four Threat Actors Capitalized on Zimbra Zero Day to Infiltrate Government Organizations

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A zero-day vulnerability identified as CVE-2023-37580 in Zimbra Collaboration email software has been exploited by four different groups in attacks. These attacks aimed to illicitly obtain email data, us...

5.8CVSS7.3AI score0.59041EPSS
Exploits0
NVD
NVD
added 2023/07/31 4:15 p.m.25 views

CVE-2023-37580

Zimbra Collaboration ZCS 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client...

6.1CVSS6.3AI score0.59041EPSS
Exploits0References4
hivepro
hivepro
added 2023/07/31 5:57 a.m.43 views

Zimbra Fixes A Zero-Day Vulnerability Exploited in Attacks

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The vulnerability CVE-2023-37580 in Zimbra Collaboration Suite ZCS version 8.8.15 is a Cross-Site Scripting XSS flaw in the Zimbra Classic Web Client interface. Its impact is severe as it can...

5.8CVSS5.9AI score0.59041EPSS
Exploits0
CVE
CVE
added 2023/07/31 12:0 a.m.523 views

CVE-2023-37580

CVE-2023-37580 – Zimbra Collaboration Suite (ZCS) XSS : The Nuclei template confirms a Cross-Site Scripting vulnerability in ZCS 8.x before 8.8.15 Patch 41, specifically in the Zimbra Classic Web Client. Impact described in the connected doc: successful exploitation could execute arbitrary script...

6.1CVSS6.2AI score0.59041EPSS
In wildExploits0References4Affected Software1
Circl
Circl
added 2023/07/27 6:10 p.m.10 views

CVE-2023-37580

creationtimestamp| type| source ---|---|--- 2023-07-27 18:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-07-31 20:37:54+00:00| seen| https://t.me/cibsecurity/67484 2023-11-16 17:59:39+00:00| exploited| https://t.me/KomunitiSiber/1084 2023-11-16 18:23:55+00:00| exploited|...

6.1CVSS6.8AI score0.59041EPSS
Exploits0References13
The Hacker News
The Hacker News
added 2023/07/14 7:5 a.m.82 views

Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation

Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. "A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced," the...

9.1CVSS7AI score0.59041EPSS
Exploits0
Rows per page
Query Builder