admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

add CVE-2019-9670

Browse Source
This commit is contained in:
tardc 2020-12-03 20:08:21 +08:00
parent fde03fbfad
commit 8404374790
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
Zimbra/CVE-2019-9670/CVE-2019-9670.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 267 KiB

11
Zimbra/CVE-2019-9670/README.md Normal file
View File

@ -0,0 +1,11 @@
# CVE-2019-9670 Zimbra XXE
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability.
**Affected version**: Zimbra Collaboration Suite 8.7.0 - 8.7.11
**[FOFA](https://fofa.so/result?q=app%3D%22Zimbra%22&qbase64=YXBwPSJaaW1icmEi&file=&file=) query rule**: app="Zimbra"
# Demo
![](CVE-2019-9670.gif)