Lucene search
K

14 matches found

NVD
NVD
added 2026/03/20 2:16 p.m.5 views

CVE-2026-33368

Zimbra Collaboration Suite ZCS 10.0 and 10.1 contains a reflected cross-site scripting XSS vulnerability in the Classic Webmail REST interface /h/rest. The application fails to properly sanitize user-supplied input, allowing an unauthenticated attacker to inject malicious JavaScript into a crafte...

6.1CVSS0.00223EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.24 views

EUVD-2023-38292

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.01169EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:55 a.m.15 views

CVE-2023-34193

File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function...

8.8CVSS7.2AI score0.01169EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:55 a.m.7 views

CVE-2023-34192

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function...

9CVSS6.9AI score0.77266EPSS
Exploits0
OSV
OSV
added 2023/07/06 4:15 p.m.38 views

CVE-2023-34192

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function...

9CVSS7.1AI score0.77266EPSS
Exploits0References4
OSV
OSV
added 2023/07/06 4:15 p.m.26 views

CVE-2023-34193

File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function...

8.8CVSS7.5AI score
Exploits0References3
Prion
Prion
added 2023/07/06 4:15 p.m.25 views

Cross site scripting

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function...

6CVSS8.7AI score0.77266EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/07/06 4:15 p.m.56 views

Unrestricted file upload

File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function...

6.5CVSS8.6AI score0.01169EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/07/06 12:0 a.m.50 views

CVE-2023-34193

File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function...

9.2AI score0.01169EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/07/06 12:0 a.m.12 views

CVE-2023-34193

File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function...

7.5AI score0.01169EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/07/06 12:0 a.m.14 views

CVE-2023-34192

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function...

7.1AI score0.77266EPSS
Exploits0References3
CVE
CVE
added 2023/07/06 12:0 a.m.95 views

CVE-2023-34193

CVE-2023-34193 affects Zimbra ZCS 8.8.15 where an authenticated privileged user can upload via the ClientUploader function, enabling arbitrary code execution and access to sensitive data. Root cause is a file-upload pathway vulnerability in Zimbra ZCS; impact includes high confidentiality, integr...

8.8CVSS8.6AI score0.01169EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.8 views

PT-2023-24729 · Zimbra · Zimbra Zcs

Name of the Vulnerable Software and Affected Versions: Zimbra ZCS version 8.8.15 Description: The issue allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function. Recommendations: For Zimbra ZCS version 8.8.15, consider...

8.8CVSS8.7AI score0.01169EPSS
Exploits0References8
CVE
CVE
added 2023/07/06 12:0 a.m.217 views

CVE-2023-34192

CVE-2023-34192 affects Zimbra Collaboration Suite (ZCS) v8.8.15. A cross-site scripting (XSS) vulnerability exists in the /h/autoSaveDraft function that an authenticated remote attacker can exploit by sending a crafted script, allowing arbitrary script execution in the victim’s browser and potent...

9CVSS8.6AI score0.77266EPSS
In wildExploits0References4Affected Software1
Rows per page
Query Builder