CVE-2022-24682
Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability
CVSS
—
No CVSS
EPSS
31.1%
p98
KEV
YES
Feb 25, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
31.1%EPSS · 30 days31.1%
2026-06-302026-07-16
Product
Synacor / Zimbra Collaborate Suite (ZCS)
Vulnerability
Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability
Added to KEV
Feb 25, 2022
Remediate by
Mar 11, 2022
Known ransomware use
Yes
Summary description
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability in the Calendar feature that allows an attacker to execute arbitrary code.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-24682
No related CVEs by CWE or product.