CVE-2023-34192

CRITICAL KEV NUCLEI

Zimbra Collaboration Suite 8.8.15 - Authenticated Stored Cross-Site Scripting via /h/autoSaveDraft

Title source: llm

Exploitation Summary

CVE-2023-34192 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added February 25, 2025. A Nuclei detection template is also available.

Description

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.

Nuclei Templates (1)

Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting

CRITICALby ritikchaddha

Shodan: http.favicon.hash:475145467 || http.favicon.hash:"1624375939" || http.favicon.hash:"475145467"

FOFA: icon_hash="475145467" || icon_hash="1624375939" || app="zimbra-邮件系统"

References (4)

Core 4

Core References

Release Notes, Vendor Advisory

https://wiki.zimbra.com/wiki/Security_Center

Not Applicable

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

Vendor Advisory

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-34192

Scores

CVSS v3 9.0

EPSS 0.8962

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable no

Technical Impact total

Details

CISA KEV 2025-02-25

VulnCheck KEV 2025-02-25

InTheWild.io 2023-07-20

ENISA EUVD EUVD-2023-38291

CWE

CWE-79

Status published

Products (1)

synacor/zimbra_collaboration_suite 8.8.15 (41 CPE variants)

Published Jul 06, 2023

KEV Added Feb 25, 2025

Tracked Since Feb 18, 2026