CVE-2017-20188 | Zimbra zm-ajax up to 8.8.1 XFormItem.js XFormItem.prototype.setError message cross site scripting

Posted by Angelo Barbosa | Dec 31, 2023 | CVE

A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic. Affected by this vulnerability is the function XFormItem.prototype.setError of the file WebRoot/js/ajax/dwt/xforms/XFormItem.js. The manipulation of the argument message leads to cross site scripting.

This vulnerability is known as CVE-2017-20188. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2017-20188 | Zimbra zm-ajax up to 8.8.1 XFormItem.js XFormItem.prototype.setError message cross site scripting

Related Posts

CVE-2024-1208 | LearnDash LMS Plugin up to 4.10.2 on WordPress API information disclosure

CVE-2024-38806 | Cloud Foundry UAA up to 40.17.0 expected behavior violation

CVE-2011-10005 | EasyFTP 1.7.0.2 MKD Command buffer overflow (Exploit 17354)

CVE-2023-50835 | Praveen Goswami Advanced Category Template Plugin up to 0.1 on WordPress cross-site request forgery