Cross-Site Scripting Flaw in Zimbra Collaboration Suite
CVE-2013-1938
6.1MEDIUM
What is CVE-2013-1938?
Zimbra Collaboration Suite 2013 has a Cross-Site Scripting (XSS) vulnerability in the 'aspell.php' file, allowing attackers to inject malicious scripts into web pages viewed by users. Successfully exploiting this flaw can lead to unauthorized access to sensitive information or manipulation of the user's session, posing significant risks to users' data integrity and security.
Affected Version(s)
Zimbra 2013