First published: Thu Jul 06 2023(Updated: )
Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zimbra Collaboration | =8.8.15 | |
Zimbra Collaboration | =8.8.15-p1 | |
Zimbra Collaboration | =8.8.15-p10 | |
Zimbra Collaboration | =8.8.15-p11 | |
Zimbra Collaboration | =8.8.15-p12 | |
Zimbra Collaboration | =8.8.15-p13 | |
Zimbra Collaboration | =8.8.15-p14 | |
Zimbra Collaboration | =8.8.15-p15 | |
Zimbra Collaboration | =8.8.15-p16 | |
Zimbra Collaboration | =8.8.15-p17 | |
Zimbra Collaboration | =8.8.15-p18 | |
Zimbra Collaboration | =8.8.15-p19 | |
Zimbra Collaboration | =8.8.15-p2 | |
Zimbra Collaboration | =8.8.15-p20 | |
Zimbra Collaboration | =8.8.15-p21 | |
Zimbra Collaboration | =8.8.15-p22 | |
Zimbra Collaboration | =8.8.15-p23 | |
Zimbra Collaboration | =8.8.15-p24 | |
Zimbra Collaboration | =8.8.15-p25 | |
Zimbra Collaboration | =8.8.15-p26 | |
Zimbra Collaboration | =8.8.15-p27 | |
Zimbra Collaboration | =8.8.15-p28 | |
Zimbra Collaboration | =8.8.15-p29 | |
Zimbra Collaboration | =8.8.15-p3 | |
Zimbra Collaboration | =8.8.15-p30 | |
Zimbra Collaboration | =8.8.15-p31 | |
Zimbra Collaboration | =8.8.15-p32 | |
Zimbra Collaboration | =8.8.15-p33 | |
Zimbra Collaboration | =8.8.15-p34 | |
Zimbra Collaboration | =8.8.15-p35 | |
Zimbra Collaboration | =8.8.15-p37 | |
Zimbra Collaboration | =8.8.15-p4 | |
Zimbra Collaboration | =8.8.15-p5 | |
Zimbra Collaboration | =8.8.15-p6 | |
Zimbra Collaboration | =8.8.15-p7 | |
Zimbra Collaboration | =8.8.15-p8 | |
Zimbra Collaboration | =8.8.15-p9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-34192 has a severity level of critical.
CVE-2023-34192 affects Zimbra Collaboration versions 8.8.15 and its subsequent patches.
CVE-2023-34192 allows a remote authenticated attacker to execute arbitrary code via a crafted script.
To fix CVE-2023-34192, apply the recommended patch from Zimbra Collaboration or upgrade to a patched version.
You can find more information about CVE-2023-34192 and Zimbra Collaboration security advisories on the Zimbra Security Center and Zimbra Wiki.