XSS Vulnerability in Zimbra Collaboration (ZCS) 9.0 via onerror Attribute

CVE-2022-41348 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via the onerror attribute of an IMG element, leading to information disclosure.

Learn more about our Web Application Penetration Testing UK.