CVE-2023-50808

Name of the Vulnerable Software and Affected Versions Zimbra Collaboration versions prior to Kepler 9.0.0 Patch 38 GA

Description The issue allows DOM-based JavaScript injection in the Modern UI. This could potentially lead to malicious script execution. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions prior to Kepler 9.0.0 Patch 38 GA, update to Kepler 9.0.0 Patch 38 GA or later to resolve the issue. As a temporary workaround, consider restricting access to the Modern UI until a patch is applied.