CVE-2024-50599
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-50599
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50599.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-50599
- Published
- 2024-11-07T21:15:06Z
- Modified
- 2025-06-18T11:08:54.632696Z
- Summary
- [none]
- Details
-
A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Zimbra Collaboration Suite (ZCS) 8.8.15, affecting one of the webmail calendar endpoints. This arises from improper handling of user-supplied input, allowing an attacker to inject malicious code that is reflected back in the HTML response.
- References
Affected packages
Git / github.com/zimbra/zm-build
Affected ranges
- Type
- GIT
- Repo
- https://github.com/zimbra/zm-build
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Type
- GIT
- Repo
- https://github.com/zimbra/zm-mailbox
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Type
- GIT
- Repo
- https://github.com/zimbra/zm-zcs
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affected
- Type
- GIT
- Repo
- https://github.com/zimbra/zm-zcs-lib
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
Affected versions
8.*
8.7.10
8.7.11
8.7.6
8.7.7
8.7.9
8.8.0.beta1
8.8.0beta2
8.8.10
8.8.11
8.8.11.p3
8.8.12
8.8.15
8.8.15.p1
8.8.15.p10
8.8.15.p11
8.8.15.p12
8.8.15.p13
8.8.15.p14
8.8.15.p15
8.8.15.p16
8.8.15.p17
8.8.15.p18
8.8.15.p2
8.8.15.p20
8.8.15.p23
8.8.15.p24
8.8.15.p25
8.8.15.p26
8.8.15.p27
8.8.15.p29
8.8.15.p3
8.8.15.p30
8.8.15.p31
8.8.15.p4
8.8.15.p5
8.8.15.p6
8.8.15.p7
8.8.15.p8
8.8.15.p9
8.8.2
8.8.3
8.8.4
8.8.5
8.8.6
8.8.7
8.8.8
8.8.9
8.8.9.p1
8.8.9.p3