CVE-2024-27443

12.08.2024, 15:15

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this via an email message containing a crafted calendar header with an embedded XSS payload. When a victim views this message in the Zimbra webmail classic interface, the payload is executed in the context of the victim's session, potentially leading to execution of arbitrary JavaScript code.

Cross-site Scripting

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.1 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
mitre	CNA	---				---
CISA-ADP	ADP	6.1 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Vendor	Product	Version
zimbra	collaboration	10.0.0 ≤ 𝑥 < 10.0.7
zimbra	collaboration	9.0.0
zimbra	collaboration	9.0.0:p0
zimbra	collaboration	9.0.0:p1
zimbra	collaboration	9.0.0:p10
zimbra	collaboration	9.0.0:p11
zimbra	collaboration	9.0.0:p12
zimbra	collaboration	9.0.0:p13
zimbra	collaboration	9.0.0:p14
zimbra	collaboration	9.0.0:p15
zimbra	collaboration	9.0.0:p16
zimbra	collaboration	9.0.0:p19
zimbra	collaboration	9.0.0:p2
zimbra	collaboration	9.0.0:p20
zimbra	collaboration	9.0.0:p21
zimbra	collaboration	9.0.0:p23
zimbra	collaboration	9.0.0:p24
zimbra	collaboration	9.0.0:p24.1
zimbra	collaboration	9.0.0:p25
zimbra	collaboration	9.0.0:p26
zimbra	collaboration	9.0.0:p27
zimbra	collaboration	9.0.0:p3
zimbra	collaboration	9.0.0:p30
zimbra	collaboration	9.0.0:p31
zimbra	collaboration	9.0.0:p32
zimbra	collaboration	9.0.0:p33
zimbra	collaboration	9.0.0:p34
zimbra	collaboration	9.0.0:p35
zimbra	collaboration	9.0.0:p36
zimbra	collaboration	9.0.0:p37
zimbra	collaboration	9.0.0:p38
zimbra	collaboration	9.0.0:p4
zimbra	collaboration	9.0.0:p5
zimbra	collaboration	9.0.0:p6
zimbra	collaboration	9.0.0:p7
zimbra	collaboration	9.0.0:p7.1
zimbra	collaboration	9.0.0:p8
zimbra	collaboration	9.0.0:p9

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes

https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes

https://www.welivesecurity.com/en/eset-research/operation-roundpress/