2 matches found
CVE-2022-27925
Zimbra Collaboration aka ZCS 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal...
PT-2021-7280
Name of the Vulnerable Software and Affected Versions Zimbra Collaboration ZCS versions 8.8.15 through 9.0 Description The issue concerns the mboximport functionality in Zimbra Collaboration, which allows an authenticated user with administrator rights to upload arbitrary files to the system,...