CVE-2023-34192

Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

Description

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability that allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.

Severity: CRITICAL

CVSS Score: 9

Vendor: Synacor

Product: Zimbra Collaboration Suite (ZCS)