THREATOPS
THREAT OPSCVEs › CVE-2023-34192

CVE-2023-34192 — Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

CISA KEVExploited: confirmedSynacor

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability that allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.

Vulnerability details