First published: Thu May 30 2019(Updated: )
There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Synacor Zimbra Collaboration Suite | <8.8.8 | |
Synacor Zimbra Collaboration Suite | =8.8.8 | |
Synacor Zimbra Collaboration Suite | =8.8.8-patch1 | |
Synacor Zimbra Collaboration Suite | =8.8.8-patch3 | |
Synacor Zimbra Collaboration Suite | =8.8.8-patch4 | |
Synacor Zimbra Collaboration Suite | =8.8.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-14425 is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1.
Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) versions 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1 are affected.
CVE-2018-14425 has a severity rating of 6.1 (Medium).
To fix CVE-2018-14425, update Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) to version 8.8.8 Patch 7 or 8.8.9 Patch 1.
You can find more information about CVE-2018-14425 on the Zimbra Bugzilla page (https://bugzilla.zimbra.com/show_bug.cgi?id=108970) and Zimbra Security Advisories wiki (https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories).