logo

CVE-2022-27926 - Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability

CVE-2022-27926

Zimbra | Collaboration (ZCS)

  • Date Added:
  • 2023-04-03
  • Due Date:
  • 2023-04-24
Vulnerability Name

Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability

Description

Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://wiki.zimbra.com/wiki/Security_Center; https://nvd.nist.gov/vuln/detail/CVE-2022-27926

Free security scan for your website