{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p10" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p12" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p13" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p14" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p15" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p16" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p17" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p18" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p19" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p21" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p22" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p23" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p24" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p25" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p27" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p28" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p29" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p37" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p4" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p41" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p42" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p7" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p8" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p9" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p10" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p11" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p12" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p13" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p14" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p15" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p16" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p21" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p24" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p24\\.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p3" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p34" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p35" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p5" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p8" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p9" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "10.0.0" }, { "fixed": "10.0.6" }, { "introduced": "0" }, { "last_affected": "8.8.15-NA" }, { "introduced": "0" }, { "last_affected": "8.8.15-p1" }, { "introduced": "0" }, { "last_affected": "8.8.15-p11" }, { "introduced": "0" }, { "last_affected": "8.8.15-p20" }, { "introduced": "0" }, { "last_affected": "8.8.15-p26" }, { "introduced": "0" }, { "last_affected": "8.8.15-p3" }, { "introduced": "0" }, { "last_affected": "8.8.15-p30" }, { "introduced": "0" }, { "last_affected": "8.8.15-p31" }, { "introduced": "0" }, { "last_affected": "8.8.15-p32" }, { "introduced": "0" }, { "last_affected": "8.8.15-p33" }, { "introduced": "0" }, { "last_affected": "8.8.15-p34" }, { "introduced": "0" }, { "last_affected": "8.8.15-p35" }, { "introduced": "0" }, { "last_affected": "8.8.15-p40" }, { "introduced": "0" }, { "last_affected": "8.8.15-p43" }, { "introduced": "0" }, { "last_affected": "8.8.15-p44" }, { "introduced": "0" }, { "last_affected": "8.8.15-p5" }, { "introduced": "0" }, { "last_affected": "9.0.0-NA" }, { "introduced": "0" }, { "last_affected": "9.0.0-p0" }, { "introduced": "0" }, { "last_affected": "9.0.0-p1" }, { "introduced": "0" }, { "last_affected": "9.0.0-p19" }, { "introduced": "0" }, { "last_affected": "9.0.0-p20" }, { "introduced": "0" }, { "last_affected": "9.0.0-p23" }, { "introduced": "0" }, { "last_affected": "9.0.0-p25" }, { "introduced": "0" }, { "last_affected": "9.0.0-p26" }, { "introduced": "0" }, { "last_affected": "9.0.0-p27" }, { "introduced": "0" }, { "last_affected": "9.0.0-p33" }, { "introduced": "0" }, { "last_affected": "9.0.0-p36" }, { "introduced": "0" }, { "last_affected": "9.0.0-p37" }, { "introduced": "0" }, { "last_affected": "9.0.0-p4" }, { "introduced": "0" }, { "last_affected": "9.0.0-p7" }, { "introduced": "0" }, { "last_affected": "9.0.0-p7\\.1" } ] }, "events": [ { "introduced": "b68c7b31a1d94f94903a79c53f1bd316b792de1d" }, { "fixed": "63dacdd96e958c4c3a0493cbbae7ae113d3bb858" }, { "introduced": "0" }, { "last_affected": "ac6081fa002b1511e926aba37740d2b6c20f3f43" }, { "introduced": "0" }, { "last_affected": "29eea219faf34718f0ef1cda7c3f02c89910c96c" }, { "introduced": "0" }, { "last_affected": "29eea219faf34718f0ef1cda7c3f02c89910c96c" }, { "introduced": "0" }, { "last_affected": "62480d2f6aace77ee01bb4b8f46a3eff49cbdfd3" }, { "introduced": "0" }, { "last_affected": "71b1626efff0a90ba64ff3e5ab192683e6dccc9a" }, { "introduced": "0" }, { "last_affected": "905970576d6fe337150f09c0ad7a0f53aa1a8f42" }, { "introduced": "0" }, { "last_affected": "5ae8f73501330bc788daed9c82c1222857d85b8b" }, { "introduced": "0" }, { "last_affected": "fe985a33cb83f82816a1e8f93d8d864112a6504e" }, { "introduced": "0" }, { "last_affected": "b7209ef3fd859fda5537cc7fbfdeb97cbd1ab931" }, { "introduced": "0" }, { "last_affected": "6c2b2cd41fa3625cbd1c12f4e14e07eece395a31" }, { "introduced": "0" }, { "last_affected": "3dbd48fe84d22132463b3758e3a40be19267fc9f" }, { "introduced": "0" }, { "last_affected": "dbb831c2de39b20cda7ea1e0063645d3cb6d1770" }, { "introduced": "0" }, { "last_affected": "2d471250d21cf4051227b7513e16df3a1f56ba86" }, { "introduced": "0" }, { "last_affected": "f67d315f2985f71ebd97a53cc5b43b39cfdb8c91" }, { "introduced": "0" }, { "last_affected": "2d66a4676f5dc69ca8f413989594d5103a89edf8" }, { "introduced": "0" }, { "last_affected": "0e40da921adb967639011de45841cef4c4601413" }, { "introduced": "0" }, { "last_affected": "b6cd8f69d2761c014d4a3807f0bdee0011386444" }, { "introduced": "0" }, { "last_affected": "de2eedbbdb8d58c34aac58dbf3866ae721f039eb" }, { "introduced": "0" }, { "last_affected": "5561a39cba0898c3bb5e188284d98f498d7a3c9a" }, { "introduced": "0" }, { "last_affected": "5561a39cba0898c3bb5e188284d98f498d7a3c9a" }, { "introduced": "0" }, { "last_affected": "d3209df466110d214b2ab6593f931a59c2127db8" }, { "introduced": "0" }, { "last_affected": "c8a93da38fd1572d864c1becbcc772ba91ee4403" }, { "introduced": "0" }, { "last_affected": "202d83762fca70b7403c144e1fedddc6cd4930a6" }, { "introduced": "0" }, { "last_affected": "a163a5dc09ec091fed86421118ec56c90384997a" }, { "introduced": "0" }, { "last_affected": "b2faf1c074bf6e2f4f76acd11b9ad5a0b4caec40" }, { "introduced": "0" }, { "last_affected": "9173353f25559ed524c7a40c799056c01c3418d4" }, { "introduced": "0" }, { "last_affected": "c27b145236b09c5487259d943dd54ffdea0ccbb3" }, { "introduced": "0" }, { "last_affected": "8d7f3750f42f0a59d61c1b44d8df1000a52ce9f2" }, { "introduced": "0" }, { "last_affected": "03d99a16095b73a73770fbb6131d10234cfc13fd" }, { "introduced": "0" }, { "last_affected": "bcb978ccc354d99d843725886083e321759b6765" }, { "introduced": "0" }, { "last_affected": "b20d016c829af1c0ffbaa0545c1deb96ccd5e2e5" } ], "repo": "https://github.com/zimbra/zm-build", "type": "GIT" } ] } ], "details": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. XSS, with resultant session stealing, can occur via JavaScript code in a link (for a webmail redirection endpoint) within en email message, e.g., if a victim clicks on that link within Zimbra webmail.", "id": "CVE-2023-48432", "modified": "2026-03-13T21:50:38.910111690Z", "published": "2024-02-13T16:15:08.380Z", "references": [ { "type": "ADVISORY", "url": "https://wiki.zimbra.com/wiki/Security_Center" }, { "type": "ADVISORY", "url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy" }, { "type": "ADVISORY", "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ] }