6.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.2%
A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection.
github.com/buxu/bug/issues/2