CVE-2022-27926
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
CVSS
—
Sin CVSS
EPSS
17.6%
p97
KEV
SÍ
3 abr 2023
Exploit Today
79
0-100
Publicado: — · Última mod.: —
17.3%EPSS · 30 días17.6%
2026-06-302026-07-16
Producto
Synacor / Zimbra Collaboration Suite (ZCS)
Vulnerabilidad
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Añadido a KEV
3 abr 2023
Remediar antes de
24 abr 2023
Uso conocido en ransomware
No
Descripción resumida
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.
Acción requerida
Apply updates per vendor instructions.
Notas
https://wiki.zimbra.com/wiki/Security_Center; https://nvd.nist.gov/vuln/detail/CVE-2022-27926
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2024-45519—100.0%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability—CVE-2019-9670—100.0%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference—CVE-2022-27925—99.9%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability—CVE-2022-41352—99.9%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability—CVE-2022-37042—99.8%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability—CVE-2022-27924—99.7%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability—