First published: Wed Oct 12 2022(Updated: )
An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via the onerror attribute of an IMG element, leading to information disclosure.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zimbra Collaboration | =9.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-41348 is medium with a value of 6.1.
XSS can occur via the onerror attribute of an IMG element in Zimbra Collaboration 9.0.
The XSS vulnerability in Zimbra Collaboration 9.0 allows for information disclosure.
To fix the XSS vulnerability in Zimbra Collaboration 9.0, apply the appropriate patches or upgrades provided by Zimbra.
You can find more information about the CVE-2022-41348 vulnerability on the Zimbra Security Center and Zimbra Security Advisories.