Conversation
cisakevtracker@mastodon.social

CISA KEV Tracker

CVE ID: CVE-2024-27443
Vendor: Synacor
Product: Zimbra Collaboration Suite (ZCS)
Date Added: 2025-05-19
Vulnerability: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Notes: https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes ; https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes ; https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes ; https://nvd.nist.gov/vuln/detail/CVE-2024-27443
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-27443

0
0
0
buherator

buherator

I found that CVE-2024-27443 doesn't qualify for XSS Reflections as it seems to be a stored XSS. Pretty neat vuln though!

https://github.com/v-p-b/xss-reflections

RE: https://mastodon.social/@cisakevtracker/114535804613431399
0
0
1
About infosec.place

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.