Zimbra Collaboration Suite Vulnerability Disclosed
Severity: High (Score: 60.6)
Sources: wiki.zimbra.com, HKCERT, cve.mitre.org
Summary
A security vulnerability has been identified in Zimbra Collaboration Suite, affecting versions prior to 10.0.12, 10.1.4, and 8.8.15 Patch 47. This vulnerability allows remote attackers to exploit cross-site scripting (XSS) and potentially disclose sensitive information from the targeted system. Users of unsupported versions are also at risk, as they may share similar vulnerabilities. The vendor has released security advisories detailing the vulnerabilities and urging users to update to supported versions. It is critical for organizations using Zimbra to apply the latest patches to mitigate the risk. The vulnerability is classified under multiple CVEs, but specific CVE numbers were not provided in the articles. The current status indicates that users are advised to check for updates immediately.
Key Points
- Zimbra Collaboration Suite has a critical XSS vulnerability affecting multiple versions.
- Remote attackers can exploit this vulnerability for sensitive information disclosure.
- Users are urged to update to supported versions to mitigate risks.
Key Entities
- XSS (vulnerability)
- CWE-79 - Cross-site Scripting (XSS) (CWE)
- Zimbra Collaboration (platform)
- Zimbra Collaboration Suite (platform)