First published: Wed Dec 15 2021(Updated: )
A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Synacor Zimbra Collaboration Suite | =8.8.12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-18984 is a reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12.
The severity of CVE-2020-18984 is medium with a CVSS score of 6.1.
CVE-2020-18984 affects Zimbra Collaboration Suite 8.8.12, allowing unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection.
To fix CVE-2020-18984, users should update to a patched version of Zimbra Collaboration Suite.
Yes, you can find more information about CVE-2020-18984 at the following link: https://github.com/buxu/bug/issues/2