CVE-2022-24682 - Zimbra Webmail Cross-Site Scripting Vulnerability

CVE-2022-24682: Zimbra | Webmail

Date Added:
2022-02-25

Due Date:
2022-03-11

Vulnerability Name: Zimbra Webmail Cross-Site Scripting Vulnerability

Description: Zimbra webmail clients running versions 8.8.15 P29 & P30 contain a XSS vulnerability that would allow attackers to steal session cookie files.

Known To Be Used in Ransomware Campaigns?: Known

Action: Apply updates per vendor instructions.

Additional Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-24682

Free security scan for your website

Don't show website scan report rating on the leaderboard