CVE-2018-6882
CVE-2018-6882
In short
An attacker can inject malicious scripts into emails by using a specially crafted Content-Location header in an attachment. When a user views the email in Zimbra, the script executes in their browser, potentially stealing data or performing unauthorized actions.
Technical detail
XSS vulnerability in ZmMailMsgView.getAttachmentLinkHtml function allows unauthenticated attackers to inject arbitrary JavaScript via Content-Location header in email attachments. Attack requires user interaction (viewing the email) and affects Zimbra Collaboration Suite versions before 8.7.1 and 8.8.x before 8.8.7, impacting confidentiality and integrity of user sessions.
Summary generated and translated by AI from the official description.
Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://bugzilla.zimbra.com/show_bug.cgi?id=108786http://seclists.org/fulldisclosure/2018/Mar/52https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.7https://wiki.zimbra.com/wiki/Zimbra_Security_Advisorieshttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-6882https://www.securify.nl/advisory/SFY20180101/cross-site-scripting-vulnerability-in-zimbra-collaboration-suite-due-to-the-way-it-handles-attachment-links.htmlhttp://www.securityfocus.com/archive/1/541891/100/0/threaded