Unrated severityNVD Advisory· Published Nov 21, 2024· Updated Nov 21, 2024
CVE-2024-45513
CVE-2024-45513
Description
An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A stored Cross-Site Scripting (XSS) vulnerability exists in the /modern/contacts/print endpoint of Zimbra webmail. This allows an attacker to inject and execute arbitrary JavaScript code in the context of the victim's browser when a crafted vCard (VCF) file is processed and printed. This could lead to unauthorized actions within the victim's session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=10.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.