First published: Thu May 30 2019(Updated: )
Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Synacor Zimbra Collaboration Suite | <=8.7.1 | |
Synacor Zimbra Collaboration Suite | =8.8.0-beta1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-10948 is a vulnerability in the Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 that allows for persistent cross-site scripting (XSS) attacks via email addresses.
CVE-2018-10948 affects Synacor Zimbra Collaboration Suite versions 8.7.1 and 8.8.0-beta1.
CVE-2018-10948 has a severity rating of medium, with a severity value of 4.8.
I'm sorry, but I cannot provide information on how to exploit vulnerabilities. It is important to prioritize patching and securing your systems to prevent exploitation.
To fix CVE-2018-10948, it is recommended to upgrade to Zimbra Collaboration Suite version 8.8.0 beta 2 or later, which contains the necessary security fixes.