Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in ZmMailMsgView.js in the Calendar Invite component in Zimbra Collaboration Suite 8.8.x before 8.8.15 Patch 23. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zimbra Collaboration Suite跨站脚本漏洞
Vulnerability Description
Zimbra Collaboration Suite(ZCS)是美国Synacor的一款开源协同办公套件。该产品包括WebMail、日历、通信录等。 Zimbra Collaboration Suite 8.8.15 Patch 23之前版本存在安全漏洞,攻击者可利用该漏洞将包含可执行JavaScript的HTML放在元素属性中,导致任意标记被注入到文档中。
CVSS Information
N/A
Vulnerability Type
N/A