Vulnerability Details CVE-2023-43102
An issue was discovered in Zimbra Collaboration (ZCS) before 10.0.4. An XSS issue can be exploited to access the mailbox of an authenticated user. This is also fixed in 8.8.15 Patch 43 and 9.0.0 Patch 36.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.2%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2023-43102
-
cpe:2.3:a:zimbra:collaboration:-
-
cpe:2.3:a:zimbra:collaboration:10.0.0
-
cpe:2.3:a:zimbra:collaboration:10.0.1
-
cpe:2.3:a:zimbra:collaboration:10.0.2
-
cpe:2.3:a:zimbra:collaboration:10.0.3
-
cpe:2.3:a:zimbra:collaboration:8.7.10
-
cpe:2.3:a:zimbra:collaboration:8.7.11
-
cpe:2.3:a:zimbra:collaboration:8.7.6
-
cpe:2.3:a:zimbra:collaboration:8.7.7
-
cpe:2.3:a:zimbra:collaboration:8.7.9
-
cpe:2.3:a:zimbra:collaboration:8.8
-
cpe:2.3:a:zimbra:collaboration:8.8.0
-
cpe:2.3:a:zimbra:collaboration:8.8.10
-
cpe:2.3:a:zimbra:collaboration:8.8.11
-
cpe:2.3:a:zimbra:collaboration:8.8.12
-
cpe:2.3:a:zimbra:collaboration:8.8.15
-
cpe:2.3:a:zimbra:collaboration:8.8.2
-
cpe:2.3:a:zimbra:collaboration:8.8.3
-
cpe:2.3:a:zimbra:collaboration:8.8.4
-
cpe:2.3:a:zimbra:collaboration:8.8.6
-
cpe:2.3:a:zimbra:collaboration:8.8.7
-
cpe:2.3:a:zimbra:collaboration:8.8.8
-
cpe:2.3:a:zimbra:collaboration:8.8.9
-
cpe:2.3:a:zimbra:collaboration:9.0.0