Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Zimbra Subscribe
Total 67 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-8946 1 Zimbra 1 Collaboration Server 2020-01-28 4.3 MEDIUM 6.1 MEDIUM
Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS.
CVE-2019-8945 1 Zimbra 1 Collaboration Server 2020-01-28 4.3 MEDIUM 6.1 MEDIUM
Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS.
CVE-2012-1213 1 Zimbra 1 Zimbra 2017-11-18 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite (ZCS) 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter.
CVE-2013-7217 1 Zimbra 1 Collaboration Server 2017-08-29 10.0 HIGH N/A
Unspecified vulnerability in Zimbra Collaboration Server 7.2.5 and earlier, and 8.0.x through 8.0.5, has "critical" impact and unspecified vectors, a different vulnerability than CVE-2013-7091.
CVE-2008-1226 1 Zimbra 1 Collaboration Suite 2017-08-08 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration Suite (ZCS) 4.0.3, 4.5.6, and possibly other versions before 4.5.10 allow remote attackers to inject arbitrary web script or HTML via an e-mail attachment, possibly involving a (1) .jpg or (2) .gif image attachment.
CVE-2016-5721 1 Zimbra 1 Zimbra Collaboration Server 2016-11-28 4.3 MEDIUM 6.1 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-6541 1 Zimbra 1 Zimbra Collaboration Server 2016-04-11 6.8 MEDIUM 8.8 HIGH
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) before 8.5 allow remote attackers to hijack the authentication of arbitrary users for requests that change account preferences via a SOAP request to service/soap/BatchRequest.