← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-27926 — Actively Exploited: Zimbra Collaboration Suite (ZCS) (Synacor)

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.

CVE IDCVE-2022-27926
VendorSynacor
ProductZimbra Collaboration Suite (ZCS)
Vulnerability nameSynacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Date added2023-04-03
Remediation due2023-04-24
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionSynacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →