CVE-2018-14013
MEDIUM NUCLEISynacor Zimbra Collaboration Suite <8.8.11 - XSS
Title source: llmDescription
Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients.
Nuclei Templates (1)
Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting
MEDIUMby pikpikcu
Shodan:
http.title:"zimbra collaboration suite" || http.title:"zimbra web client sign in"
FOFA:
title="zimbra web client sign in" || title="zimbra collaboration suite"
References (7)
Scores
CVSS v3
6.1
EPSS
0.2295
EPSS Percentile
95.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (5)
synacor/zimbra_collaboration_suite
8.7.11 (7 CPE variants)
synacor/zimbra_collaboration_suite
8.8.9 (7 CPE variants)
synacor/zimbra_collaboration_suite
8.8.10 (4 CPE variants)
synacor/zimbra_collaboration_suite
8.8.11
synacor/zimbra_collaboration_suite
< 8.7.11
Published
May 29, 2019
Tracked Since
Feb 18, 2026