CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-45510

An issue was discovered in Zimbra Collaboration (ZCS) through 10.0. Zimbra Webmail (Modern UI) is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper sanitization of user input. This allows an attacker to inject malicious code into specific fields of an e-mail message. When the victim adds the attacker to their contacts, the malicious code is stored and executed when viewing the contact list. This can lead to unauthorized actions such as arbitrary mail sending, mailbox exfiltration, profile picture alteration, and other malicious actions. Proper sanitization and escaping of input fields are necessary to mitigate this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.4%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2024-45510

Synacor » Zimbra Collaboration Suite » Version: 10.0.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.0
Synacor » Zimbra Collaboration Suite » Version: 10.0.1

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.1
Synacor » Zimbra Collaboration Suite » Version: 10.0.2

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.2
Synacor » Zimbra Collaboration Suite » Version: 10.0.3

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.3
Synacor » Zimbra Collaboration Suite » Version: 10.0.4

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.4
Synacor » Zimbra Collaboration Suite » Version: 10.0.5

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.5
Synacor » Zimbra Collaboration Suite » Version: 10.0.6

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.6
Synacor » Zimbra Collaboration Suite » Version: 10.0.7

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.7
Synacor » Zimbra Collaboration Suite » Version: 10.0.8

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.8
Synacor » Zimbra Collaboration Suite » Version: 6.0.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.0
Synacor » Zimbra Collaboration Suite » Version: 6.0.1

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.1
Synacor » Zimbra Collaboration Suite » Version: 6.0.10

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.10
Synacor » Zimbra Collaboration Suite » Version: 6.0.12

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.12
Synacor » Zimbra Collaboration Suite » Version: 6.0.13

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.13
Synacor » Zimbra Collaboration Suite » Version: 6.0.14

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.14
Synacor » Zimbra Collaboration Suite » Version: 6.0.15

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.15
Synacor » Zimbra Collaboration Suite » Version: 6.0.16

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.16
Synacor » Zimbra Collaboration Suite » Version: 6.0.2

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.2
Synacor » Zimbra Collaboration Suite » Version: 6.0.3

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.3
Synacor » Zimbra Collaboration Suite » Version: 6.0.4

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.4
Synacor » Zimbra Collaboration Suite » Version: 6.0.5

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.5
Synacor » Zimbra Collaboration Suite » Version: 6.0.6

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.6
Synacor » Zimbra Collaboration Suite » Version: 6.0.7

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.7
Synacor » Zimbra Collaboration Suite » Version: 6.0.8

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.8
Synacor » Zimbra Collaboration Suite » Version: 6.0.9

cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.9
Synacor » Zimbra Collaboration Suite » Version: 7.2.7

cpe:2.3:a:synacor:zimbra_collaboration_suite:7.2.7
Synacor » Zimbra Collaboration Suite » Version: 8.0.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.0
Synacor » Zimbra Collaboration Suite » Version: 8.0.1

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.1
Synacor » Zimbra Collaboration Suite » Version: 8.0.2

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.2
Synacor » Zimbra Collaboration Suite » Version: 8.0.3

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.3
Synacor » Zimbra Collaboration Suite » Version: 8.0.4

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.4
Synacor » Zimbra Collaboration Suite » Version: 8.0.5

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.5
Synacor » Zimbra Collaboration Suite » Version: 8.0.6

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.6
Synacor » Zimbra Collaboration Suite » Version: 8.0.7

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.7
Synacor » Zimbra Collaboration Suite » Version: 8.0.8

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.8
Synacor » Zimbra Collaboration Suite » Version: 8.0.9

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.9
Synacor » Zimbra Collaboration Suite » Version: 8.5.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.5.0
Synacor » Zimbra Collaboration Suite » Version: 8.5.1

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.5.1
Synacor » Zimbra Collaboration Suite » Version: 8.6.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0
Synacor » Zimbra Collaboration Suite » Version: 8.7.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.0
Synacor » Zimbra Collaboration Suite » Version: 8.7.1

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.1
Synacor » Zimbra Collaboration Suite » Version: 8.7.10

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.10
Synacor » Zimbra Collaboration Suite » Version: 8.7.11

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11
Synacor » Zimbra Collaboration Suite » Version: 8.7.2

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.2
Synacor » Zimbra Collaboration Suite » Version: 8.7.3

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.3
Synacor » Zimbra Collaboration Suite » Version: 8.7.4

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.4
Synacor » Zimbra Collaboration Suite » Version: 8.7.5

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.5
Synacor » Zimbra Collaboration Suite » Version: 8.7.6

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.6
Synacor » Zimbra Collaboration Suite » Version: 8.7.7

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.7
Synacor » Zimbra Collaboration Suite » Version: 8.7.8

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.8
Synacor » Zimbra Collaboration Suite » Version: 8.7.9

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.9
Synacor » Zimbra Collaboration Suite » Version: 8.8.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.0
Synacor » Zimbra Collaboration Suite » Version: 8.8.10

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10
Synacor » Zimbra Collaboration Suite » Version: 8.8.11

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.11
Synacor » Zimbra Collaboration Suite » Version: 8.8.12

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.12
Synacor » Zimbra Collaboration Suite » Version: 8.8.15

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15
Synacor » Zimbra Collaboration Suite » Version: 8.8.2

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.2
Synacor » Zimbra Collaboration Suite » Version: 8.8.3

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.3
Synacor » Zimbra Collaboration Suite » Version: 8.8.4

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.4
Synacor » Zimbra Collaboration Suite » Version: 8.8.5

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.5
Synacor » Zimbra Collaboration Suite » Version: 8.8.6

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6
Synacor » Zimbra Collaboration Suite » Version: 8.8.7

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.7
Synacor » Zimbra Collaboration Suite » Version: 8.8.8

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8
Synacor » Zimbra Collaboration Suite » Version: 8.8.9

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9
Synacor » Zimbra Collaboration Suite » Version: 9.0.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-45510

Products

Pricing

Contact Us