Security Advisory

CVE-2020-13653

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-02 15:15:44

Last updated 2024-08-04 12:25:16

Assigner mitre

State PUBLISHED

Description

An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. It allows an attacker to inject executable JavaScript into the account name of a users profile. The injected code can be reflected and executed when changing an e-mail signature.

← Browse all CVEs View on cve.org ↗