Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2023-37580
Topic description: "Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client. ..."
"Per Google's Threat Analysis Group (TAG), this bug was [exploited as a zero-day](https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/) and has been used by at least four different threat actors to "steal email data, user credentials, and authentication tokens." Threat campaigns have targeted Greece, Moldova, Tunisia, Vietnam, and Pakistan ..."
Link: https://www.attackerkb.com/assessments/2c2c49bb-bf2d-493d-8073-3fc921a59355
Topic description: "Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client. ..."
"Per Google's Threat Analysis Group (TAG), this bug was [exploited as a zero-day](https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/) and has been used by at least four different threat actors to "steal email data, user credentials, and authentication tokens." Threat campaigns have targeted Greece, Moldova, Tunisia, Vietnam, and Pakistan ..."
Link: https://www.attackerkb.com/assessments/2c2c49bb-bf2d-493d-8073-3fc921a59355
0
0
0