THREATOPS
THREAT OPSCVEs › CVE-2022-27926

CVE-2022-27926 — Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

CISA KEVExploited: confirmedSynacor

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.

Vulnerability details