Synacor Zimbra Collaboration Suite (ZCS) is an open source collaboration suite from Synacor, Inc. Zimbra Collaboration Suite version 9.0.0 contains a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the onerror attribute of the IMG element, which could be exploited by attackers to obtain sensitive information such as user cookies.
CPE | Name | Operator | Version |
---|---|---|---|
zimbra zimbra collaboration suite๏ผzcs๏ผ | eq | 9.0.0 |