CVE-2022-24682

Synacor | Zimbra Collaborate Suite (ZCS)Added 2022-02-25Remediation Deadline 2022-03-11Active Ransomware Campaign

Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability in the Calendar feature that allows an attacker to execute arbitrary code.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-79

CWE-116

References

https://nvd.nist.gov/vuln/detail/CVE-2022-24682

Cybersecurity Alerts

CVE-2022-24682

Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability

Required Action

Weakness Classification

References