Unrated severityNVD Advisory· Published Feb 13, 2024· Updated Mar 25, 2025
CVE-2023-48432
CVE-2023-48432
Description
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. XSS, with resultant session stealing, can occur via JavaScript code in a link (for a webmail redirection endpoint) within en email message, e.g., if a victim clicks on that link within Zimbra webmail.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 8.8.15, 9.0, 10.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.