Persistent XSS Vulnerability in Zimbra Web Client (ZWC) via Contact Group

Persistent XSS Vulnerability in Zimbra Web Client (ZWC) via Contact Group

CVE-2018-10939 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group.

Learn more about our Web App Pen Testing.