Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the /h/rest endpoint, allowing authenticated attackers to inject and execute arbitrary JavaScript in a victim's session. Exploitation requires a valid auth token and involves a crafted URL with manipulated query parameters that triggers XSS when accessed by a victim.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zimbra Collaboration Server 安全漏洞
Vulnerability Description
Zimbra Collaboration Server(ZCS)是Zimbra公司的一套电子邮件和协作解决方案。该方案提供电子邮件、联系人、日历、文件共享、社交网络等功能。 Zimbra Collaboration Server 9.0版本、10.0版本和10.1版本存在安全漏洞,该漏洞源于/h/rest端点存在反射型跨站脚本漏洞,允许攻击者注入并执行任意JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A