{"uuid": "22baf47b-8872-4976-8b26-83864dce3dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41348", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/682", "content": "\ud83d\udca5Stored XSS in Zimbra version 8.8.15_GA_4059(CVE-2022-41348)\nThe Zimbra web client application allows users to create Conversations. It was discovered that the name of the Conversation is not properly encoded once displayed to users. For instance, creating a new conversation with the following name would trigger the execution of JavaScript code: \"This is a new conversation meeting - \"", "creation_timestamp": "2023-04-13T07:13:08.000000Z"}