CVE-2022-24682: Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting
Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability. Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability in the Calendar feature that allows an attacker to execute arbitrary code.
- CISA KEV-listed (remediation due 2022-03-11)
- used in ransomware campaigns
- EPSS 88.6% (99.5% percentile)