Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zimbra collaboration vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-8946
Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS.
Zimbra Collaboration Server
Zimbra Collaboration Server 8.8.11
6.1
CVSSv3
CVE-2019-15313
In Zimbra Collaboration prior to 8.8.15 Patch 1, there is a non-persistent XSS vulnerability.
Zimbra Collaboration Server
Zimbra Collaboration Server 8.8.15
6.1
CVSSv3
CVE-2019-8947
Zimbra Collaboration 8.7.x - 8.8.11P2 contains non-persistent XSS.
Zimbra Collaboration Server
Zimbra Collaboration Server 8.8.11
6.1
CVSSv3
CVE-2019-8945
Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS.
Zimbra Collaboration Server
Zimbra Collaboration Server 8.8.11
NA
CVE-2008-1226
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration Suite (ZCS) 4.0.3, 4.5.6, and possibly other versions prior to 4.5.10 allow remote malicious users to inject arbitrary web script or HTML via an e-mail attachment, possibly involving a (1) .jpg or (2) .gi...
Zimbra Collaboration Suite 4.0.3
Zimbra Collaboration Suite 4.5.6
5.4
CVSSv3
CVE-2015-2249
Zimbra Collaboration prior to 8.6.0 patch5 has XSS.
Synacor Zimbra Collaboration Server
Synacor Zimbra Collaboration Server 8.6.0
5.3
CVSSv3
CVE-2020-8633
An issue exists in Zimbra Collaboration Suite (ZCS) prior to 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible.
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.15
6.1
CVSSv3
CVE-2020-13653
An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite prior to 8.8.15 Patch 11. It allows an malicious user to inject executable JavaScript into the account name of a user's profile. The injected code can be reflected and executed when changing a...
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.15
9.8
CVSSv3
CVE-2019-9670
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x prior to 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
1 EDB exploit
7 Github repositories
9.8
CVSSv3
CVE-2020-7796
Zimbra Collaboration Suite (ZCS) prior to 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.15
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »