433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (727) 493-2351
A critical cross site scripting (XSS) vulnerability (CVE-2023-34192) in popular open source email collaboration suite Zimbra is being exploited by attackers. About the vulnerability (CVE-2023-34192) CVE-2023-34192 could allow a remote authenticated threat actor to execute arbitrary code through a crafted script to the /h/autoSaveDraft function. It affects Zimbra Collaboration Suite (ZCS) v.8.8.15. The company has provided admins with instruction on how to apply the fix manually, by editing a single data file. “This vulnerability has … More → The post Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192) appeared first on Help Net Security.
http://news.poseidon-us.com/SsJZQ8