mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x prior to 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
synacor zimbra collaboration suite 8.7.11 |
||
synacor zimbra collaboration suite |