First published: Mon Jan 27 2020(Updated: )
Zimbra Collaboration before 8.8.15 Patch 1 is vulnerable to a non-persistent XSS via the Admin Console.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zimbra Collaboration Server | <=8.8.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-12427 is a vulnerability in Zimbra Collaboration before 8.8.15 Patch 1 that allows non-persistent XSS via the Admin Console.
CVE-2019-12427 has a severity level of medium with a score of 4.8.
Zimbra Collaboration Server versions up to and including 8.8.15 are affected by CVE-2019-12427.
To fix CVE-2019-12427, update Zimbra Collaboration to version 8.8.15 Patch 1 or later.
More information about CVE-2019-12427 can be found at the following references: - [Bugzilla](https://bugzilla.zimbra.com/show_bug.cgi?id=109174) - [Zimbra Security Center](https://wiki.zimbra.com/wiki/Security_Center) - [Zimbra Security Advisories](https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories)