CVE-2023-34192: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site

Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability. Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability that allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.

• CISA KEV-listed (remediation due 2025-03-18)
• EPSS 89.6% (99.6% percentile)

Browse the CVE database

Read the full analysis on IntelFusions