PT-2024-31676 · Zimbra · Zimbra Collaboration
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions through 10.1 Description: A Cross-Site Scripting XSS issue in the "/h/rest" endpoint of the Zimbra webmail and admin panel interfaces allows attackers to execute arbitrary JavaScript in the victim's session...