nvd-json-data-feeds/CVE-2023/CVE-2023-452xx/CVE-2023-45206.json

{
  "id": "CVE-2023-45206",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-02-13T16:15:08.257",
  "lastModified": "2024-02-13T18:23:02.393",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. Through the help document endpoint in webmail, an attacker can inject JavaScript or HTML code that leads to cross-site scripting (XSS). (Adding an adequate message to avoid malicious code will mitigate this issue.)"
    },
    {
      "lang": "es",
      "value": "Se descubri\u00f3 un problema en Zimbra Collaboration (ZCS) 8.8.15, 9.0 y 10.0. A trav\u00e9s del endpoint del documento de ayuda en el correo web, un atacante puede inyectar c\u00f3digo JavaScript o HTML que conduzca a Cross-Site Scripting (XSS). (Agregar un mensaje adecuado para evitar c\u00f3digo malicioso mitigar\u00e1 este problema)."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://wiki.zimbra.com/wiki/Security_Center",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
      "source": "cve@mitre.org"
    }
  ]
}