CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Zimbra: >> Collaboration >> 10.0.12 Security Vulnerabilities

CVE-2024-45515

An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability exists in Zimbra webmail due to insufficient validation of the content type metadata when importing files into the briefcase. Attackers can exploit this issue by crafting a file with manipulated metadata, allowing them to bypass content type checks and execute arbitrary JavaScript within the victim's session.

CVSS Score

6.1

EPSS Score

0.001

Published

2025-07-30

Page 1

Vulnerabilities

Vulnerable Software

Zimbra: >> Collaboration >> 10.0.12 Security Vulnerabilities

Products

Pricing

Contact Us