Zimbra Collaboration Suite CVE-2018-14013 Multiple Cross-Site Scripting Vulnerabilities
BID:106787
CVE-2018-14013 |Info
Zimbra Collaboration Suite CVE-2018-14013 Multiple Cross-Site Scripting Vulnerabilities
| Bugtraq ID: | 106787 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-14013 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 30 2019 12:00AM |
| Updated: | Jan 30 2019 12:00AM |
| Credit: | Issam Rabhi <i.rabhi () sysdream com> |
| Vulnerable: |
Zimbra Collaboration Suite 8.8.10 Zimbra Collaboration Suite 8.8.9 Zimbra Collaboration Suite 8.7.6 Zimbra Collaboration Suite 8.7.1 Zimbra Collaboration Suite 8.0.5 Zimbra Collaboration Suite 8.0.4 Zimbra Collaboration Suite 8.0.3 Zimbra Collaboration Suite 8.0.2 Zimbra Collaboration Suite 8.0.1 Zimbra Collaboration Suite 8.0.0 |
| Not Vulnerable: |
Zimbra Collaboration Suite 8.8.10 Patch 1 Zimbra Collaboration Suite 8.8.9 Patch 6 |
Exploit / POC
Zimbra Collaboration Suite CVE-2018-14013 Multiple Cross-Site Scripting Vulnerabilities
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References
Zimbra Collaboration Suite CVE-2018-14013 Multiple Cross-Site Scripting Vulnerabilities
References:
References:
- [CVE-2018-14013] Reflected Cross-Site Scripting (XSS) vulnerabilities in Zimbra (Seclists.org)
- NEW Zimbra Patches: 8.8.10 Patch 1 + 8.8.9 Patch 6 (Zimbra)
- Zimbra Desktop Homepage (VMware Zimbra)