CVE-2023-34192

KEV

Published: Lug 06, 2023 Last Modified: Ott 27, 2025

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,0

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: required

Scope: changed

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,8944

Percentile

1,0th

Updated

EPSS Score Trend (Last 90 Days)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Stable

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control Confidentiality Integrity Availability

Potential Impacts:

Bypass Protection Mechanism Read Application Data Execute Unauthorized Code Or Commands

Applicable Platforms

Technologies: AI/ML, Web Based, Web Server

Likelihood of Exploit: High

View CWE Details

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p27:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p15:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p19:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p8:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p20:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p36:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p18:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p25:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p32:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p30:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p37:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p16:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p31.1:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p29:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p38:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p22:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p17:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p2:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p11:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p34:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p23:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p28:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p21:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p26:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p39:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:-:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p5:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p35:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p7:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p10:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p9:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p4:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p33:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p14:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p6:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p13:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p3:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p24:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p12:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p31:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Zimbra Collaboration Suite by Synacor

Product Information

Vendor Synacor

Product Zimbra Collaboration Suite

Version 8.8.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p1:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.cisa.gov/known-exploited-vulnerabilities-catalo…

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023…

https://wiki.zimbra.com/wiki/Security_Center

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_…

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

https://wiki.zimbra.com/wiki/Security_Center

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_…

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories