CVE-2018-6882
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
CVSS
—
No CVSS
EPSS
23.7%
p98
KEV
YES
Apr 19, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
23.7%EPSS · 30 days23.7%
2026-06-302026-07-16
Product
Synacor / Zimbra Collaboration Suite (ZCS)
Vulnerability
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Added to KEV
Apr 19, 2022
Remediate by
May 10, 2022
Known ransomware use
Yes
Summary description
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-6882
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2024-45519—100.0%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability—CVE-2019-9670—100.0%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference—CVE-2022-27925—99.9%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability—CVE-2022-41352—99.9%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability—CVE-2022-37042—99.8%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability—CVE-2022-27924—99.7%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability—