mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-07 05:28:59 +00:00
33 lines
1.3 KiB
JSON
33 lines
1.3 KiB
JSON
{
|
|
"id": "CVE-2023-48432",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2024-02-13T16:15:08.380",
|
|
"lastModified": "2024-02-13T18:23:02.393",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. XSS, with resultant session stealing, can occur via JavaScript code in a link (for a webmail redirection endpoint) within en email message, e.g., if a victim clicks on that link within Zimbra webmail."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se descubri\u00f3 un problema en Zimbra Collaboration (ZCS) 8.8.15, 9.0 y 10.0. XSS, con el consiguiente robo de sesiones, puede ocurrir a trav\u00e9s de c\u00f3digo JavaScript en un enlace (para un endpoint de redirecci\u00f3n de correo web) dentro de un mensaje de correo electr\u00f3nico, por ejemplo, si una v\u00edctima hace clic en ese enlace dentro del correo web de Zimbra."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://wiki.zimbra.com/wiki/Security_Center",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |