← volver
CVE-2020-13653

CVE-2020-13653

EPSS 1.4%
An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. It allows an attacker to inject executable JavaScript into the account name of a user's profile. The injected code can be reflected and executed when changing an e-mail signature.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wiki.zimbra.com/wiki/Security_Centerhttps://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P11https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P4https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories