CVE-2018-6882

CVSS 6.1 (Medium) · EPSS 23.7% · KEV · CWE-79
Vexday Risk Score: 63 (High priority)
SSVC decision (CISA): Act (exploitation + impact → act immediately)
CVSS 6.1 · EPSS 23.7% · KEV · simPoC · Nuclei · simMetasploit · Patch
Lifecycle
27 Mar 2018 · Published on NVD
19 Apr 2022 · Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

An attacker can inject malicious scripts into emails by using a specially crafted Content-Location header in an attachment. When a user views the email in Zimbra, the script executes in their browser, potentially stealing data or performing unauthorized actions.

Technical detail

An XSS vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function allows unauthenticated attackers to inject arbitrary JavaScript via the Content-Location header of an email attachment. The attack requires user interaction (viewing the email) and affects Zimbra Collaboration Suite versions before 8.7.1 and 8.8.x before 8.8.7, impacting the confidentiality and integrity of user sessions.

Summary generated and translated by AI from the official description.
Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
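As an added illustration of the bug class (not Zimbra's code; function names and the sample MIME part are constructed), the block below contrasts an attachment-link builder that drops the Content-Location value straight into HTML with a hardened version that escapes the value and restricts the scheme, and a simple check that shows only the unsafe output carries an injected tag:

```javascript
// Added example: an untrusted Content-Location header used as an XSS sink,
// and the same link built safely. Not Zimbra's implementation.

// Escape for HTML text and double-quoted attribute contexts.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// Hypothetical stand-in for the vulnerable pattern: the header value is
// concatenated into both an attribute and a text position unescaped.
function getAttachmentLinkHtmlUnsafe(part) {
  return '<a href="' + part.contentLocation + '">' + part.contentLocation + '</a>';
}

// Hardened form: parse the value as a URL (relative values resolved against
// a constructed base), allow only http(s), and escape before interpolating.
function getAttachmentLinkHtmlSafe(part) {
  const raw = String(part.contentLocation || "");
  let href = "#";
  try {
    const u = new URL(raw, "https://mail.example.invalid/"); // constructed base
    if (u.protocol === "https:" || u.protocol === "http:") href = u.href;
  } catch (e) {
    // unparsable value: keep the inert "#" href
  }
  return '<a href="' + escapeHtml(href) + '">' + escapeHtml(raw) + '</a>';
}

// Constructed sample part: a Content-Location that breaks out of the attribute.
const SAMPLE_PART = { contentLocation: 'x"><img src=x onerror=alert(1)>' };

// Detection helper: true if the markup contains any tag other than the <a> we built.
function containsInjectedTag(html) {
  return /<(?!\/?a\b)[a-z]/i.test(html);
}
```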
Affected products
n/a · n/a
