Buxu

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration version 8.8.12 Description: A reflected cross-site scripting (XSS) issue exists, allowing unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection in the zimbraAdmin/public/secureRequest.jsp component. Recommendations: For Zimbra Collaboration version 8.8.12, update the software to a version that includes a fix for this issue, as using a vulnerable version poses a significant risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.