3 matches found
EUVD-2020-22819
Malware in sbrugna...
Vulnerability fixed in Zimbra
Synacor has fixed a vulnerability in Zimbra in the way in which XML entities are processed in zm-saml-consumer-store. This vulnerability makes it possible for a malicious person to perform a Denial-of-Service attack. Attacks carried out via this vulnerability are also known as "billion laughs"...
Design/Logic Flaw
In Zimbra Collaboration Suite Network Edition versions 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8.8.15 Patch 17...