漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A reflected Cross-Site Scripting (XSS) issue exists through the Briefcase module due to improper sanitization of file content by the OnlyOffice formatter. This occurs when the victim opens a crafted URL pointing to a shared folder containing a malicious file uploaded by the attacker. The vulnerability allows the attacker to execute arbitrary JavaScript in the context of the victim's session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zimbra Collaboration Suite 安全漏洞
Vulnerability Description
Zimbra Collaboration Suite(ZCS)是Zimbra公司的一款开源协同办公套件。该产品包括WebMail、日历、通信录等。 Zimbra Collaboration Suite 10.1版本及之前版本存在安全漏洞,该漏洞源于OnlyOffice格式化程序对文件内容的清理不当。攻击者利用该漏洞可以在受害者会话中执行任意 JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A