HomeSynacorCVE-2023-34192

CVE-2023-34192

CRITICAL
9.0CVSS
Published: 2023-07-06
Updated: 2025-10-27
AI Analysis

Description

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.

CVSS Metrics

Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Attack Vector
network
Complexity
low
Privileges
low
User Action
required
Scope
changed
Confidentiality
high
Integrity
high
Availability
high
Weaknesses
CWE-79CWE-79

Metadata

Primary Vendor
SYNACOR
Published
7/6/2023
Last Modified
10/27/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

synacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suitesynacor : zimbra_collaboration_suite

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2023-34192 | CRITICAL Severity | CVEDatabase.com | CVEDatabase.com