Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability in the /h/rest endpoint of the Zimbra webmail and admin panel interfaces allows attackers to execute arbitrary JavaScript in the victim's session. This issue is caused by improper sanitization of user input, leading to potential compromise of sensitive information. Exploitation requires user interaction to access the malicious URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zimbra Collaboration Server 跨站脚本漏洞
Vulnerability Description
Zimbra Collaboration Server(ZCS)是Zimbra公司的一套电子邮件和协作解决方案。该方案提供电子邮件、联系人、日历、文件共享、社交网络等功能。 Zimbra Collaboration Server 10.1版本及之前版本存在跨站脚本漏洞,该漏洞源于对用户输入清理不当。攻击者利用该漏洞可以在受害者的会话中执行任意JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A