3 matches found
CVE-2024-45517
An issue was discovered in Zimbra Collaboration ZCS through 10.1. A Cross-Site Scripting XSS vulnerability in the /h/rest endpoint of the Zimbra webmail and admin panel interfaces allows attackers to execute arbitrary JavaScript in the victim's session. This issue is caused by improper sanitizati...
CVE-2024-45517
creationtimestamp| type| source ---|---|--- 2024-11-21 16:57:39+00:00| seen| https://infosec.exchange/users/cve/statuses/113522000445292487...
Zimbra Collaboration Server 8.0.0 < 8.8.15 Patch 46, 9.0.0 < 9.0.0 Patch 41, 10.0 < 10.0.9, 10.1.0 < 10.1.1 Multiple Vulnerabilities
According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including: - Fixed a security vulnerability in the postjournal service which may allow unauthenticated users to execute commands. CVE-2024-45519 - A Server-Side Request Forgery SSRF...