← Back

Zimbra Collaboration Server

zimbra_collaboration_server

Vendor: Zimbra • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-5721
1Zimbra
1Zimbra Collaboration Server
May 6, 2026
Aug 29, 2016
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-6541
1Zimbra
1Zimbra Collaboration Server
May 6, 2026
Apr 8, 2016
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) before 8.5 allow remote attackers to hijack the authentication of arbitrary users for requests that ch...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) before 8.5 allow remote attackers to hijack the authentication of arbitrary users for requests that change account preferences via a SOAP request to service/soap/BatchRequest.Show less