CVE-2012-0903

CVE-2012-0903

EPSS 1.2%

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop 7.1.2 b10978 allow remote attackers to inject arbitrary web script or HTML via the (1) Username or (2) MailBox Name.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.org/files/view/108715/VL-378.txt http://seclists.org/fulldisclosure/2012/Jan/244 https://exchange.xforce.ibmcloud.com/vulnerabilities/72405 http://www.securityfocus.com/bid/51436 http://www.vulnerability-lab.com/get_content.php?id=378