Lucene search
PRIOn knowledge basePRION:CVE-2018-6882HistoryMar 27, 2018 - 4:29 p.m.
Cross site scripting
2018-03-2716:29:00
PRIOn knowledge base
www.prio-n.com
10
0.007 Low
EPSS
Percentile
81.1%
Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.
References
seclists.org/fulldisclosure/2018/Mar/52
www.securityfocus.com/archive/1/541891/100/0/threaded
bugzilla.zimbra.com/show_bug.cgi?id=108786
wiki.zimbra.com/wiki/Zimbra_Releases/8.8.7
wiki.zimbra.com/wiki/Zimbra_Security_Advisories
www.securify.nl/advisory/SFY20180101/cross-site-scripting-vulnerability-in-zimbra-collaboration-suite-due-to-the-way-it-handles-attachment-links.html
Related
checkpoint_advisories
checkpoint_advisories
Zimbra Collaboration Suite Cross Site Scripting (CVE-2018-6882)
2022-05-23 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2018-6882
2018-03-27 16:00:00
thn
thn
packetstorm
packetstorm
Zimbra Collaboration Suite 8.7.11_GA_1854 Cross Site Scripting
2018-03-25 00:00:00
cve
cve
CVE-2018-6882
2018-03-27 16:29:00
openvas
openvas
Zimbra < 8.7.11 Patch 1 XSS Vulnerability
2018-03-29 00:00:00
attackerkb
attackerkb
CVE-2018-6882
2018-03-27 00:00:00
hivepro
hivepro
Old Zimbra vulnerability used to target Ukrainian Government Organizations
2022-04-18 13:31:31
Weekly Threat Digest: 11 – 17 April 2022
2022-04-21 04:59:07
nvd
nvd
CVE-2018-6882
2018-03-27 16:29:00
cisa_kev
cisa_kev
Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
2022-04-19 00:00:00