CVE-2024-45516

EPSS 0.12%
Veröffentlicht 14.05.2025 00:00:00
Zuletzt bearbeitet 11.06.2025 21:20:29
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered in Zimbra Collaboration (ZCS) 9.0.0 before Patch 43, 10.0.x before 10.0.12, 10.1.x before 10.1.4, and 8.8.15 before Patch 47. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information. This issue arises from insufficient sanitization of HTML content, including malformed <img> tags with embedded JavaScript. The vulnerability is triggered when a user views a specially crafted email in the Classic UI, requiring no additional user interaction.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Synacor ≫ Zimbra Collaboration Suite Version >= 10.0.0 < 10.0.12

Synacor ≫ Zimbra Collaboration Suite Version >= 10.1.0 < 10.1.4

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Update-

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep1

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep10

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep11

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep12

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep13

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep14

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep15

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep16

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep17

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep18

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep19

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep2

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep20

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep21

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep22

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep23

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep24

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep25

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep26

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep27

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep28

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep29

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep3

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep30

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep31

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep31.1

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep32

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep33

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep34

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep35

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep36

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep37

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep38

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep39

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep4

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep40

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep41

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep42

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep43

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep44

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep45

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep46

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep5

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep6

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep7

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep8

Synacor ≫ Zimbra Collaboration Suite Version8.8.15 Updatep9

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Update-

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep1

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep10

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep11

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep12

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep13

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep14

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep15

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep16

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep17

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep18

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep19

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep2

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep20

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep21

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep22

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep23

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep24

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep24.1

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep25

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep26

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep27

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep28

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep29

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep3

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep30

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep31

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep32

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep33

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep34

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep35

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep36

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep37

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep38

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep39

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep4

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep40

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep41

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep42

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep5

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep6

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep7

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep8

Synacor ≫ Zimbra Collaboration Suite Version9.0.0 Updatep9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.317

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Vendor Advisory

https://wiki.zimbra.com/wiki/Security_Center

Vendor Advisory

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

Product

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2024-45516

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-45516

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-45516

EUVD