{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p19" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p22" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p28" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p38" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "8.8.15-NA" }, { "introduced": "0" }, { "last_affected": "8.8.15-p1" }, { "introduced": "0" }, { "last_affected": "8.8.15-p11" }, { "introduced": "0" }, { "last_affected": "8.8.15-p20" }, { "introduced": "0" }, { "last_affected": "8.8.15-p26" }, { "introduced": "0" }, { "last_affected": "8.8.15-p3" }, { "introduced": "0" }, { "last_affected": "8.8.15-p30" }, { "introduced": "0" }, { "last_affected": "8.8.15-p31" }, { "introduced": "0" }, { "last_affected": "8.8.15-p32" }, { "introduced": "0" }, { "last_affected": "8.8.15-p33" }, { "introduced": "0" }, { "last_affected": "8.8.15-p34" }, { "introduced": "0" }, { "last_affected": "8.8.15-p35" }, { "introduced": "0" }, { "last_affected": "8.8.15-p5" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "ac6081fa002b1511e926aba37740d2b6c20f3f43" }, { "introduced": "0" }, { "last_affected": "29eea219faf34718f0ef1cda7c3f02c89910c96c" }, { "introduced": "0" }, { "last_affected": "29eea219faf34718f0ef1cda7c3f02c89910c96c" }, { "introduced": "0" }, { "last_affected": "62480d2f6aace77ee01bb4b8f46a3eff49cbdfd3" }, { "introduced": "0" }, { "last_affected": "71b1626efff0a90ba64ff3e5ab192683e6dccc9a" }, { "introduced": "0" }, { "last_affected": "905970576d6fe337150f09c0ad7a0f53aa1a8f42" }, { "introduced": "0" }, { "last_affected": "5ae8f73501330bc788daed9c82c1222857d85b8b" }, { "introduced": "0" }, { "last_affected": "fe985a33cb83f82816a1e8f93d8d864112a6504e" }, { "introduced": "0" }, { "last_affected": "b7209ef3fd859fda5537cc7fbfdeb97cbd1ab931" }, { "introduced": "0" }, { "last_affected": "6c2b2cd41fa3625cbd1c12f4e14e07eece395a31" }, { "introduced": "0" }, { "last_affected": "3dbd48fe84d22132463b3758e3a40be19267fc9f" }, { "introduced": "0" }, { "last_affected": "dbb831c2de39b20cda7ea1e0063645d3cb6d1770" }, { "introduced": "0" }, { "last_affected": "0e40da921adb967639011de45841cef4c4601413" } ], "repo": "https://github.com/zimbra/zm-build", "type": "GIT" }, { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "8.8.15-p10" }, { "introduced": "0" }, { "last_affected": "8.8.15-p12" }, { "introduced": "0" }, { "last_affected": "8.8.15-p13" }, { "introduced": "0" }, { "last_affected": "8.8.15-p14" }, { "introduced": "0" }, { "last_affected": "8.8.15-p15" }, { "introduced": "0" }, { "last_affected": "8.8.15-p16" }, { "introduced": "0" }, { "last_affected": "8.8.15-p17" }, { "introduced": "0" }, { "last_affected": "8.8.15-p18" }, { "introduced": "0" }, { "last_affected": "8.8.15-p2" }, { "introduced": "0" }, { "last_affected": "8.8.15-p23" }, { "introduced": "0" }, { "last_affected": "8.8.15-p24" }, { "introduced": "0" }, { "last_affected": "8.8.15-p25" }, { "introduced": "0" }, { "last_affected": "8.8.15-p27" }, { "introduced": "0" }, { "last_affected": "8.8.15-p29" }, { "introduced": "0" }, { "last_affected": "8.8.15-p31\\.1" }, { "introduced": "0" }, { "last_affected": "8.8.15-p36" }, { "introduced": "0" }, { "last_affected": "8.8.15-p37" }, { "introduced": "0" }, { "last_affected": "8.8.15-p39" }, { "introduced": "0" }, { "last_affected": "8.8.15-p4" }, { "introduced": "0" }, { "last_affected": "8.8.15-p6" }, { "introduced": "0" }, { "last_affected": "8.8.15-p7" }, { "introduced": "0" }, { "last_affected": "8.8.15-p8" }, { "introduced": "0" }, { "last_affected": "8.8.15-p9" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "e9ebb1ed89f27827ea1963d1329b1f8335aba9ac" }, { "introduced": "0" }, { "last_affected": "7a895cdd697874d0b3e8b8caf58aca8587370df3" }, { "introduced": "0" }, { "last_affected": "befb6e4bf13dd05d09ecc82054e8eb1ef68ddcf5" }, { "introduced": "0" }, { "last_affected": "f2c89b7483feeb0e5230960ed59ecb8edb903507" }, { "introduced": "0" }, { "last_affected": "91cb5232eaceb21fe2ef176ea6b7835ed78ae185" }, { "introduced": "0" }, { "last_affected": "7a1bb7c8d0dafd59a551674e52c0b472d4cf275b" }, { "introduced": "0" }, { "last_affected": "60555cd490710748f161320029fcbdfc3379adfd" }, { "introduced": "0" }, { "last_affected": "abdcfc1e99045bfc2a7fd5d1aaa8e9769e478952" }, { "introduced": "0" }, { "last_affected": "8dd758add476db0ee9a7c1abab136e30ebde01b2" }, { "introduced": "0" }, { "last_affected": "e067b8c20a2c01c947342c4f3c625b40b08b918f" }, { "introduced": "0" }, { "last_affected": "9ce56d132f0d6668a108f53199cf4c6bf5d6c505" }, { "introduced": "0" }, { "last_affected": "5b8551b2bfdfc49af4ef5c7ca75f9c5061635031" }, { "introduced": "0" }, { "last_affected": "e3813a02221fd56ec25139371411b2cd781e2c13" }, { "introduced": "0" }, { "last_affected": "c1ce7ee805ce42b0ed8be10adbad7983dbf38c6f" }, { "introduced": "0" }, { "last_affected": "e0c8862be83f591fc1b032045e98b96796061373" }, { "introduced": "0" }, { "last_affected": "359e92ae32ffcbbdcd7787e4a8f1bafd8f1ae33c" }, { "introduced": "0" }, { "last_affected": "69e3baba70833e1941e04f7e988f663e533bc0aa" }, { "introduced": "0" }, { "last_affected": "65680a883fa99aaeeffca1757668f7ffb7314183" }, { "introduced": "0" }, { "last_affected": "efd11afe1b526bb03f59b699aaadf6a1449e0244" }, { "introduced": "0" }, { "last_affected": "d093cdf68ec6716be445c653277f602739a5086b" }, { "introduced": "0" }, { "last_affected": "a12b964a206748de6db6dc1da2ee16249aabafce" }, { "introduced": "0" }, { "last_affected": "58996926d8f031827e03ec788d69fd2d16739b1a" }, { "introduced": "0" }, { "last_affected": "d31ba9d45eb31100ea30461dd859a5a9663b1e4a" } ], "repo": "https://github.com/zimbra/zm-mailbox", "type": "GIT" }, { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "8.8.15-p21" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "bd05dc4161a2046d2972fb744f98675fa0f5b4f0" } ], "repo": "https://github.com/zimbra/zm-zcs-lib", "type": "GIT" } ] } ], "details": "Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.", "id": "CVE-2023-34192", "modified": "2026-03-15T21:48:07.740740263Z", "published": "2023-07-06T16:15:10.047Z", "references": [ { "type": "WEB", "url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy" }, { "type": "WEB", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-34192" }, { "type": "ADVISORY", "url": "https://wiki.zimbra.com/wiki/Security_Center" }, { "type": "ADVISORY", "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "type": "CVSS_V3" } ] }