An issue was discovered in webmail in Zimbra Collaboration (ZCS) through 10.1. An attacker can exploit this vulnerability by creating a folder in the Briefcase module with a malicious payload and sharing it with a victim. When the victim interacts with the folder share notification, the malicious script executes in their browser. This stored Cross-Site Scripting (XSS) vulnerability can lead to unauthorized actions within the victim's session.
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
| Link | Tags |
|---|---|
| https://wiki.zimbra.com/wiki/Security_Center | vendor advisory |
| https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy | product |
| https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixes | release notes |
| https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes | release notes |
| https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixes | release notes |