vulnerability
Synacor Zimbra Collaboration Suite: XML External Entity Injection (XXE) (CVE-2019-9670)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | May 29, 2019 | May 12, 2021 | May 3, 2022 |
Severity
9
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
May 29, 2019
Added
May 12, 2021
Modified
May 3, 2022
Description
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability.
Solution
synacor-zimbra-collaboration-suite-upgrade-8.7.11p10
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.