| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-35123 | 4.0 |
In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network e
|
22-12-2020 - 17:26 | 17-12-2020 - 04:15 | |
| CVE-2015-7610 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspe
|
04-06-2020 - 12:32 | 30-05-2018 - 21:29 | |
| CVE-2018-10939 | 4.3 |
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group.
|
04-06-2020 - 12:32 | 30-05-2018 - 21:29 | |
| CVE-2017-6821 | 7.5 |
Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors.
|
04-06-2020 - 12:10 | 23-05-2017 - 04:29 | |
| CVE-2017-6813 | 7.5 |
A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations.
|
04-06-2020 - 12:10 | 23-05-2017 - 04:29 | |
| CVE-2016-9924 | 7.5 |
Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks.
|
04-06-2020 - 12:10 | 29-03-2017 - 14:59 | |
| CVE-2017-8783 | 3.5 |
Synacor Zimbra Collaboration Suite (ZCS) before 8.7.10 has Persistent XSS.
|
23-02-2018 - 15:14 | 04-02-2018 - 01:29 |