Vulnerability Details CVE-2015-7609
Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://bugzilla.zimbra.com/show_bug.cgi?id=101435
- https://bugzilla.zimbra.com/show_bug.cgi?id=101436
- https://wiki.zimbra.com/wiki/Security_Center
- https://www.fortiguard.com/zeroday/FG-VD-15-080
- https://www.fortiguard.com/zeroday/FG-VD-15-081
- https://bugzilla.zimbra.com/show_bug.cgi?id=101435
- https://bugzilla.zimbra.com/show_bug.cgi?id=101436
- https://wiki.zimbra.com/wiki/Security_Center
- https://www.fortiguard.com/zeroday/FG-VD-15-080
- https://www.fortiguard.com/zeroday/FG-VD-15-081
Products affected by CVE-2015-7609
-
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0