5.9 Medium
AI Score
Confidence
High
0.962 High
EPSS
Percentile
99.5%
A reflected cross-site scripting (XSS) vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration (aka ZCS) 9.0 allows unauthenticated attackers to execute arbitrary web script or HTML via request parameters.
wiki.zimbra.com/wiki/Security_Center
wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24
wiki.zimbra.com/wiki/Zimbra_Security_Advisories