CVE-2018-20160
- Source
- https://cve.org/CVERecord?id=CVE-2018-20160
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20160.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-20160
- Published
- 2019-05-29T22:29:01.320Z
- Modified
- 2026-04-10T04:08:56.668573Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd.
- References
Affected packages
Git / github.com/zimbra/zm-build
Affected ranges
- Type
- GIT
- Repo
- https://github.com/zimbra/zm-build
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "8.7.0" }, { "fixed": "8.7.11" }, { "introduced": "8.8.0" }, { "fixed": "8.8.9" }, { "introduced": "0" }, { "last_affected": "8.7.11-NA" }, { "introduced": "0" }, { "last_affected": "8.7.11-p1" }, { "introduced": "0" }, { "last_affected": "8.7.11-p2" }, { "introduced": "0" }, { "last_affected": "8.7.11-p3" }, { "introduced": "0" }, { "last_affected": "8.7.11-p4" }, { "introduced": "0" }, { "last_affected": "8.7.11-p5" }, { "introduced": "0" }, { "last_affected": "8.7.11-p6" }, { "introduced": "0" }, { "last_affected": "8.7.11-p7" }, { "introduced": "0" }, { "last_affected": "8.7.11-p8" }, { "introduced": "0" }, { "last_affected": "8.7.11-p9" }, { "introduced": "0" }, { "last_affected": "8.8.9-NA" }, { "introduced": "0" }, { "last_affected": "8.8.9-p1" }, { "introduced": "0" }, { "last_affected": "8.8.9-p3" }, { "introduced": "0" }, { "last_affected": "8.8.10-NA" }, { "introduced": "0" }, { "last_affected": "8.8.11-NA" } ] }
- Type
- GIT
- Repo
- https://github.com/zimbra/zm-mailbox
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "8.8.9-p2" }, { "introduced": "0" }, { "last_affected": "8.8.9-p4" }, { "introduced": "0" }, { "last_affected": "8.8.9-p7" }, { "introduced": "0" }, { "last_affected": "8.8.9-p8" }, { "introduced": "0" }, { "last_affected": "8.8.10-p2" }, { "introduced": "0" }, { "last_affected": "8.8.10-p3" }, { "introduced": "0" }, { "last_affected": "8.8.10-p4" } ] }
Affected versions
8.*
8.7.10
8.7.11
8.7.11.p1
8.7.11.p2
8.7.11.p3
8.7.11.p4
8.7.11.p5
8.7.11.p6
8.7.11.p7
8.7.11.p8
8.7.11.p9
8.7.6
8.7.7
8.7.9
8.8.0.beta1
8.8.10
8.8.10.p2
8.8.10.p3
8.8.10.p4
8.8.11
8.8.11.p3
8.8.2
8.8.3
8.8.4
8.8.5
8.8.6
8.8.7
8.8.8
8.8.9
8.8.9.p1
8.8.9.p2
8.8.9.p3
8.8.9.p4
8.8.9.p5
8.8.9.p7
8.8.9.p8