Unrated severityNVD Advisory· Published Jun 15, 2023· Updated Dec 18, 2024
CVE-2023-24030
CVE-2023-24030
Description
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any URL if url sanitisation is bypassed in incoming requests. NOTE: this is similar, but not identical, to CVE-2021-34807.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=9.0, <=8.8.15
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.