Collaboration@10.1.0 Security Vulnerabilities and Issues — Collaboration@10.1.0 CVE List

Lucene search

ZimbraCollaboration10.1.0

3 matches found

CVE•added 2024/10/02 10:15 p.m.•339 views

CVE-2024-45519

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.

10CVSS7.4AI score0.9415EPSS

CVE•added 2024/10/22 5:15 p.m.•51 views

CVE-2024-45518

An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. It allows authenticated users to exploit Server-Side Request Forgery (SSRF) due to improper input sanitization and misconfigured domain whitelisting. ...

8.8CVSS7.1AI score0.01704EPSS

CVE•added 2025/03/12 3:15 p.m.•43 views

CVE-2025-27914

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the /h/rest endpoint, allowing authenticated attackers to inject and execute arbitrary JavaScript in a victim's session. Exploitation requires a valid auth tok...

5.4CVSS5.2AI score0.00051EPSS