Zimbra ZCS 9.0/8.8.15 XSS via /h/ Attr
CVE-2023-24031 Published on June 15, 2023

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 8.8.15. XSS can occur, via one of attributes of the webmail /h/ endpoint, to execute arbitrary JavaScript code, leading to information disclosure.

NVD

Products Associated with CVE-2023-24031

Want to know whenever a new CVE is published for Zimbra Collaboration? stack.watch will email you.

Zimbra Collaboration

Exploit Probability

EPSS

0.37%

Percentile

58.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Zimbra ZCS 9.0/8.8.15 XSS via /h/ AttrCVE-2023-24031 Published on June 15, 2023

Products Associated with CVE-2023-24031

Exploit Probability

Zimbra ZCS 9.0/8.8.15 XSS via /h/ Attr
CVE-2023-24031 Published on June 15, 2023