Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zimbra Collaboration Suite 跨站请求伪造漏洞
Vulnerability Description
Zimbra Collaboration Suite(又名ZCS)是美国Zimbra公司的一款开源协同办公套件,它包括WebMail、日历、通信录等。 Zimbra ZCS 8.6.0 Patch 10之前版本、8.7.11 Patch 2之前的8.7.x版本和8.8.8 Patch 1之前的8.8.x版本中的登录表单存在跨站请求伪造漏洞,该漏洞源于程序没有使用跨站请求伪造令牌。远程攻击者可利用该漏洞执行未授权的操作,并获取受影响应用程序的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A