vulnerability
Synacor Zimbra Collaboration Suite: XML External Entity Injection (XXE) (CVE-2019-9670)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | May 29, 2019 | May 12, 2021 | May 3, 2022 |
Severity
9
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
May 29, 2019
Added
May 12, 2021
Modified
May 3, 2022
Description
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability.
Solution
synacor-zimbra-collaboration-suite-upgrade-8.7.11p10
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.