Stored XSS Vulnerability in Zimbra Collaboration Webmail
CVE-2024-45512
Currently unrated
What is CVE-2024-45512?
A vulnerability has been identified in the Zimbra Collaboration webmail system that allows an attacker to create a malicious payload within a folder in the Briefcase module. When this malicious folder is shared with a victim, the attacker can execute a script in the victim's browser upon interaction with the folder share notification. This stored XSS vulnerability can enable unauthorized actions and compromise the integrity of user sessions.