CVE-2023-34192: XSS
First published: Thu Jul 06 2023(Updated: )
Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zimbra Collaboration | =8.8.15 | |
| Zimbra Collaboration | =8.8.15-p1 | |
| Zimbra Collaboration | =8.8.15-p10 | |
| Zimbra Collaboration | =8.8.15-p11 | |
| Zimbra Collaboration | =8.8.15-p12 | |
| Zimbra Collaboration | =8.8.15-p13 | |
| Zimbra Collaboration | =8.8.15-p14 | |
| Zimbra Collaboration | =8.8.15-p15 | |
| Zimbra Collaboration | =8.8.15-p16 | |
| Zimbra Collaboration | =8.8.15-p17 | |
| Zimbra Collaboration | =8.8.15-p18 | |
| Zimbra Collaboration | =8.8.15-p19 | |
| Zimbra Collaboration | =8.8.15-p2 | |
| Zimbra Collaboration | =8.8.15-p20 | |
| Zimbra Collaboration | =8.8.15-p21 | |
| Zimbra Collaboration | =8.8.15-p22 | |
| Zimbra Collaboration | =8.8.15-p23 | |
| Zimbra Collaboration | =8.8.15-p24 | |
| Zimbra Collaboration | =8.8.15-p25 | |
| Zimbra Collaboration | =8.8.15-p26 | |
| Zimbra Collaboration | =8.8.15-p27 | |
| Zimbra Collaboration | =8.8.15-p28 | |
| Zimbra Collaboration | =8.8.15-p29 | |
| Zimbra Collaboration | =8.8.15-p3 | |
| Zimbra Collaboration | =8.8.15-p30 | |
| Zimbra Collaboration | =8.8.15-p31 | |
| Zimbra Collaboration | =8.8.15-p32 | |
| Zimbra Collaboration | =8.8.15-p33 | |
| Zimbra Collaboration | =8.8.15-p34 | |
| Zimbra Collaboration | =8.8.15-p35 | |
| Zimbra Collaboration | =8.8.15-p37 | |
| Zimbra Collaboration | =8.8.15-p4 | |
| Zimbra Collaboration | =8.8.15-p5 | |
| Zimbra Collaboration | =8.8.15-p6 | |
| Zimbra Collaboration | =8.8.15-p7 | |
| Zimbra Collaboration | =8.8.15-p8 | |
| Zimbra Collaboration | =8.8.15-p9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-34192?
CVE-2023-34192 has a severity level of critical.
How does CVE-2023-34192 affect Zimbra Collaboration?
CVE-2023-34192 affects Zimbra Collaboration versions 8.8.15 and its subsequent patches.
What is the impact of CVE-2023-34192?
CVE-2023-34192 allows a remote authenticated attacker to execute arbitrary code via a crafted script.
How can I fix CVE-2023-34192?
To fix CVE-2023-34192, apply the recommended patch from Zimbra Collaboration or upgrade to a patched version.
Where can I find more information about CVE-2023-34192 and Zimbra Collaboration security advisories?
You can find more information about CVE-2023-34192 and Zimbra Collaboration security advisories on the Zimbra Security Center and Zimbra Wiki.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/zimbra
- canonical/zimbra collaboration
- version/zimbra collaboration/8.8.15
- version/zimbra collaboration/8.8.15-p1
- version/zimbra collaboration/8.8.15-p10
- version/zimbra collaboration/8.8.15-p11
- version/zimbra collaboration/8.8.15-p12
- version/zimbra collaboration/8.8.15-p13
- version/zimbra collaboration/8.8.15-p14
- version/zimbra collaboration/8.8.15-p15
- version/zimbra collaboration/8.8.15-p16
- version/zimbra collaboration/8.8.15-p17
- version/zimbra collaboration/8.8.15-p18
- version/zimbra collaboration/8.8.15-p19
- version/zimbra collaboration/8.8.15-p2
- version/zimbra collaboration/8.8.15-p20
- version/zimbra collaboration/8.8.15-p21
- version/zimbra collaboration/8.8.15-p22
- version/zimbra collaboration/8.8.15-p23
- version/zimbra collaboration/8.8.15-p24
- version/zimbra collaboration/8.8.15-p25
- version/zimbra collaboration/8.8.15-p26
- version/zimbra collaboration/8.8.15-p27
- version/zimbra collaboration/8.8.15-p28
- version/zimbra collaboration/8.8.15-p29
- version/zimbra collaboration/8.8.15-p3
- version/zimbra collaboration/8.8.15-p30
- version/zimbra collaboration/8.8.15-p31
- version/zimbra collaboration/8.8.15-p32
- version/zimbra collaboration/8.8.15-p33
- version/zimbra collaboration/8.8.15-p34
- version/zimbra collaboration/8.8.15-p35
- version/zimbra collaboration/8.8.15-p37
- version/zimbra collaboration/8.8.15-p4
- version/zimbra collaboration/8.8.15-p5
- version/zimbra collaboration/8.8.15-p6
- version/zimbra collaboration/8.8.15-p7
- version/zimbra collaboration/8.8.15-p8
- version/zimbra collaboration/8.8.15-p9