Unrated severityNVD Advisory· Published Jul 2, 2020· Updated Aug 4, 2024
CVE-2020-13653
CVE-2020-13653
Description
An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. It allows an attacker to inject executable JavaScript into the account name of a user's profile. The injected code can be reflected and executed when changing an e-mail signature.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Zimbra/Collaboration Suitedescription
- Range: <8.8.15 Patch 11
Patches
Vulnerability mechanics
References
4- wiki.zimbra.com/wiki/Security_Centermitrex_refsource_MISC
- wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P11mitrex_refsource_CONFIRM
- wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P4mitrex_refsource_MISC
- wiki.zimbra.com/wiki/Zimbra_Security_Advisoriesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.