all InfoSec news
Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192)
Help Net Security www.helpnetsecurity.com
A critical cross site scripting (XSS) vulnerability (CVE-2023-34192) in popular open source email collaboration suite Zimbra is being exploited by attackers. About the vulnerability (CVE-2023-34192) CVE-2023-34192 could allow a remote authenticated threat actor to execute arbitrary code through a crafted script to the /h/autoSaveDraft function. It affects Zimbra Collaboration Suite (ZCS) v.8.8.15. The company has provided admins with instruction on how to apply the fix manually, by editing a single data file. “This vulnerability has … More
The post …
0 day actor attackers code collaboration critical cross site scripting cve don't miss email exploited function hot stuff open source popular script scripting security update synacor threat threat actor vulnerability xss zimbra zimbra collaboration suite