← Back

Zimbra Collaboration Suite

zimbra_collaboration_suite

Vendor: Zimbra • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-10939
2Synacor
Zimbra
2Zimbra Collaboration Suite
Zimbra Collaboration Suite
Nov 21, 2024
May 30, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group.
CVE-2015-7610
2Synacor
Zimbra
2Zimbra Collaboration Suite
Zimbra Collaboration Suite
Nov 21, 2024
May 30, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hija...Show more
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token.Show less