Description
An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via one of attributes in webmail URLs to execute arbitrary JavaScript code, leading to information disclosure.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-48758 | An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via one of attributes in webmail URLs to execute arbitrary JavaScript code, leading to information disclosure. |
References
History
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Wed, 09 Apr 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-04-09T20:33:00.389Z
Reserved: 2022-11-26T00:00:00.000Z
Link: CVE-2022-45913
Vulnrichment
Updated: 2024-08-03T14:24:03.188Z
NVD
Status : Modified
Published: 2023-01-06T23:15:09.743
Modified: 2025-04-09T21:15:43.030
Link: CVE-2022-45913
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses