cvelist/2017/8xxx/CVE-2017-8802.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2017-8802",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.8.0 Beta2 might allow remote attackers to inject arbitrary web script or HTML via vectors related to the \"Show Snippet\" functionality."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "20180111 CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting",
            "refsource" : "BUGTRAQ",
            "url" : "http://www.securityfocus.com/archive/1/541661/100/0/threaded"
         },
         {
            "name" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2018-001_zimbra_stored_xss.txt",
            "refsource" : "MISC",
            "url" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2018-001_zimbra_stored_xss.txt"
         },
         {
            "name" : "https://bugzilla.zimbra.com/show_bug.cgi?id=107925",
            "refsource" : "CONFIRM",
            "url" : "https://bugzilla.zimbra.com/show_bug.cgi?id=107925"
         },
         {
            "name" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
            "refsource" : "CONFIRM",
            "url" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2017-8802",`
- Synchronized data. 2018-01-16 14:04:10 -05:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
- Synchronized data. 2018-01-16 14:04:10 -05:00			`"value" : "Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.8.0 Beta2 might allow remote attackers to inject arbitrary web script or HTML via vectors related to the \"Show Snippet\" functionality."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20180111 CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting",`
			`"refsource" : "BUGTRAQ",`
- Synchronized data. 2018-10-09 15:05:48 -04:00			`"url" : "http://www.securityfocus.com/archive/1/541661/100/0/threaded"`
- Synchronized data. 2018-01-16 14:04:10 -05:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2018-001_zimbra_stored_xss.txt",`
			`"refsource" : "MISC",`
- Synchronized data. 2018-01-16 14:04:10 -05:00			`"url" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2018-001_zimbra_stored_xss.txt"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://bugzilla.zimbra.com/show_bug.cgi?id=107925",`
			`"refsource" : "CONFIRM",`
- Synchronized data. 2018-01-16 14:04:10 -05:00			`"url" : "https://bugzilla.zimbra.com/show_bug.cgi?id=107925"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",`
			`"refsource" : "CONFIRM",`
- Synchronized data. 2018-01-16 14:04:10 -05:00			`"url" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`