5 matches found
The vulnerability of the Calendar component in the Zimbra Collaboration Suite corporate email management system allows a hacker to insert any desired malicious code into documents.
The vulnerability of the Calendar component in the Zimbra Collaboration Suite enterprise email management system exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to insert arbitrary code into documents...
CVE-2022-24682
An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 update 1, as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing...
CVE-2022-24682
An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 update 1, as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing...
PT-2022-4547
Name of the Vulnerable Software and Affected Versions Zimbra Collaboration Suite versions 8.8.x through 8.8.15 patch 29 Description An issue was discovered in the Calendar feature, allowing an attacker to place HTML containing executable JavaScript inside element attributes. This markup becomes...
VulnCheck KEV: CVE-2022-24682
Synacor Zimbra Collaboration Suite ZCS contains a cross-site scripting XSS vulnerability in the Calendar feature that allows an attacker to execute arbitrary code...