← back
CVE-2017-8802

CVE-2017-8802

EPSS 1.3%
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.8.0 Beta2 might allow remote attackers to inject arbitrary web script or HTML via vectors related to the "Show Snippet" functionality.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.zimbra.com/show_bug.cgi?id=107925https://wiki.zimbra.com/wiki/Zimbra_Security_Advisorieshttps://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2018-001_zimbra_stored_xss.txthttp://www.securityfocus.com/archive/1/541661/100/0/threaded