AI description
CVE-2025-48700 describes a Cross-Site Scripting (XSS) vulnerability found in Zimbra Collaboration Suite (ZCS) versions 8.8.15, 9.0, 10.0, and 10.1. This flaw specifically impacts the Zimbra Classic UI, enabling attackers to execute arbitrary JavaScript within a user's session. The root cause lies in inadequate sanitization of HTML content, particularly concerning crafted tag structures and attribute values that incorporate an `@import` directive and other script injection methods. The vulnerability can be triggered without any additional user interaction beyond viewing a specially crafted email message within the Classic UI. Successful exploitation of CVE-2025-48700 could lead to unauthorized access to sensitive information. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included this vulnerability in its Known Exploited Vulnerabilities (KEV) catalog, indicating that it has been actively exploited in real-world attacks since at least September 2025.
- Description
- An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information. This issue arises from insufficient sanitization of HTML content, specifically involving crafted tag structures and attribute values that include an @import directive and other script injection vectors. The vulnerability is triggered when a user views a crafted e-mail message in the Classic UI, requiring no additional user interaction.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- zimbra_collaboration_suite
CVSS 3.1
- Type
- Secondary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-79
- Hype score
- Not currently trending
⚠️ Vulnerabilidad en productos Zimbra ❗ CVE-2025-48700 ➡️ Más info: https://t.co/k4NW6wV88I https://t.co/rM4LjwrFys
@CERTpy
29 Apr 2026
195 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: La Settimana Cibernetica del 26 aprile 2026 🔹aggiornamenti per molteplici prodotti 🔹Zimbra: rilevato sfruttamento in rete della CVE-2025-48700 🔹Libreria protobufjs: disponibile PoC per lo sfruttamento della CVE 2026-41242 ⚠️#EPSS 🔗 … https://t.co/oZ
@Vulcanux_
27 Apr 2026
274 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
La Settimana Cibernetica del 26 aprile 2026 🔹aggiornamenti per molteplici prodotti 🔹Zimbra: rilevato sfruttamento in rete della CVE-2025-48700 🔹Libreria protobufjs: disponibile PoC per lo sfruttamento della CVE 2026-41242 ⚠️#EPSS 🔗 https://t.co/L2uywEEoOX https
@csirt_it
27 Apr 2026
395 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
*Over 10,000 internet-exposed Zimbra servers remain vulnerable while exploitation continues* Why it matters: with CVE-2025-48700 now in KEV, unpatched mail/collaboration servers remain a high-probability initial access path. Source: https://t.co/1ZznpcRnTV
@gbc13
25 Apr 2026
147 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA added CVE-2025-48700 to KEV: XSS in Zimbra Collaboration Suite. Attacker plants JS that runs in your webmail session — read mail, steal tokens, act as you. Zimbra XSS bugs were exploited for espionage in 2023. Patch. https://t.co/RcMgz6Pr6v
@TechTranslators
25 Apr 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-7399 2 - CVE-2023-50224 3 - CVE-2025-48700 4 - CVE-2025-20333 5 - CVE-2026-5281 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
25 Apr 2026
226 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
TRC analysis shows attackers exploited CVE-2025-48700 XSS vulnerability in 10,000+ unpatched Zimbra servers through crafted emails. Post-compromise lateral movement allowed network-wide pivoting. Runtime segmentation helps contain such breach chains after initial email system
@aviatrixtrc
25 Apr 2026
151 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
بیش از ۱۰,۵۰۰ نمونه از نرمافزار همکاری زیمبرا (Zimbra Collaboration Suite) که در اینترنت در معرض دسترسی عموم قرار دارند، در برابر حملاتی که از یک آسیبپذیری اسکریپت
@Teeegra
24 Apr 2026
797 Impressions
0 Retweets
11 Likes
1 Bookmark
0 Replies
0 Quotes
Over 10,500 Zimbra servers remain vulnerable to CVE-2025-48700, an XSS flaw exploited by APT28 and APT29 in targeted phishing and mass intrusions. CISA lists it in KEV for federal patching. #ZimbraServer #CrossSiteScripting #USA https://t.co/YKXgjSu0kG
@TweetThreatNews
24 Apr 2026
204 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🔥 𝐎𝐯𝐞𝐫 𝟏𝟎,𝟎𝟎𝟎 𝐙𝐢𝐦𝐛𝐫𝐚 𝐬𝐞𝐫𝐯𝐞𝐫𝐬 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐥𝐞 𝐭𝐨 𝐨𝐧𝐠𝐨𝐢𝐧𝐠 𝐗𝐒𝐒 𝐚𝐭𝐭𝐚𝐜𝐤𝐬 • Over 10,000 Zimbra Collaboration Suite (ZCS) instances
@PurpleOps_io
24 Apr 2026
137 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 10,000+ Zimbra Servers Exposed to Active XSS Attacks → Attack: Unpatched XSS flaw (CVE-2025-48700) triggered via malicious email, no user interaction needed → Impact: Session hijacking + sensitive data theft across gov & enterprise email systems 💡 Insight: Old p
@VivekIntel
24 Apr 2026
266 Impressions
0 Retweets
1 Like
1 Bookmark
1 Reply
0 Quotes
🚨 Over 10,000 Zimbra Servers Exposed to Active XSS Exploits as #CVE-2025-48700 Attacks Spread Globally -Fact Checker: ✅: 4 ❌: 0 || 4/4 https://t.co/N84rhWVZFO
@UndercodeNews
24 Apr 2026
131 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We are scanning/reporting daily Zimbra Collaboration Suite instances vulnerable to CVE-2025-48700, that can allow unauthorized access to sensitive information. This vulnerability is exploited in the wild and on @CISACyber KEV. We see over 10.5K IPs unpatched 2026-04-23. https://t
@Shadowserver
24 Apr 2026
1013 Impressions
5 Retweets
6 Likes
1 Bookmark
1 Reply
0 Quotes
⚠️Alerte critique sur Zimbra : CVE-2025-48700 activement exploitée (zoneantimalware..com) https://t.co/cQ9nI8sm2f
@NicolasCoolman
23 Apr 2026
152 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Vulnerabilidad XSS en Zimbra: CVE-2025-48700 Análisis y Mitigaciones Descubre el análisis técnico de la vulnerabilidad CVE-2025-48700 en Synacor Zimbra Collaboration Suite, un XSS que permite ejecución de JavaScript. Impacto, rec https://t.co/cuCMM5VnJe #ciberplaneta
@CiberPlanetaOrg
22 Apr 2026
127 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Alerta de Seguridad: Vulnerabilidad de Cross-Site Scripting en Synacor Zimbra Collaboration Suite (ZCS) (CVE-2025-48700) Synacor Zimbra Collaboration Suite (ZCS) contiene una vulnerabilidad de cross-site scripting (XSS, CWE-79) que permite a atacantes ejecutar JavaScript
@CiberPlanetaOrg
22 Apr 2026
123 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: ‼️ #Exploited: rilevato lo sfruttamento attivo in rete della vulnerabilità CVE-2025-48700, che interessa #ZimbraCollaborationSuite #ZCS Rischio: 🟠 Tipologia: 🔸 Information Disclosure 🔗 https://t.co/yAMJ46EFLq ⚠️ Importante mantenere aggi… https:/
@Vulcanux_
22 Apr 2026
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️ #Exploited: rilevato lo sfruttamento attivo in rete della vulnerabilità CVE-2025-48700, che interessa #ZimbraCollaborationSuite #ZCS Rischio: 🟠 Tipologia: 🔸 Information Disclosure 🔗 https://t.co/EYvtMqExzs ⚠️ Importante mantenere aggiornati i sistemi ⚠
@csirt_it
22 Apr 2026
301 Impressions
1 Retweet
4 Likes
1 Bookmark
0 Replies
0 Quotes
Warning: Cross-site scripting vulnerability in #Zimbra Collaboration Suite. #CVE-2025-48700 CVSS: 6.1. This vulnerability is #actively exploited to access unauthorised information. #Patch #Patch #Patch
@CCBalert
21 Apr 2026
180 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 [HIGH] Active exploitation detected: CVE-2025-48700 Exploit in the wild confirmed for CVE-2025-48700 (CVSS null). Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability t... 🔗 https://t.co/RZBhpWnHFz #ZeroDay #ExploitInWild #CyberSecurity
@ctiwatchcloud
21 Apr 2026
165 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-48700 #Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability https://t.co/isipTlWcPQ
@ScyScan
21 Apr 2026
142 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA just added 8 vulnerabilities to Known Exploited Catalog. Active exploitation confirmed. CVE-2025-48700 (Zimbra XSS), CVE-2025-32975 (Quest KACE), CVE-2024-27199 (JetBrains TeamCity). If you're running these, you're already compromised. #Cybersecurity #CISA
@battista212
20 Apr 2026
185 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-48700 Stored XSS in Zimbra Collaboration Classic UI Enables Arbitrary JavaScript Execution https://t.co/bJkIkZSam2
@VulmonFeeds
23 Jun 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E603BD7A-730E-410C-BBE1-3E5A8DD2A72F",
"versionEndExcluding": "10.0.12",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55361360-9F77-4731-82AD-82E65E4C5AA0",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:-:*:*:*:*:*:*",
"matchCriteriaId": "9E39A855-C0EB-4448-AE96-177757C40C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p1:*:*:*:*:*:*",
"matchCriteriaId": "FFE7BE6E-7A9A-40C7-B236-7A21103E9F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p10:*:*:*:*:*:*",
"matchCriteriaId": "B5924FFC-BA19-48B3-BF4D-0C2DB3FCD407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p11:*:*:*:*:*:*",
"matchCriteriaId": "7822D273-C2CB-4EFE-B929-3D34C65E005E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p12:*:*:*:*:*:*",
"matchCriteriaId": "F81528E8-FE3A-4C48-A747-34A3FF28BCAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p13:*:*:*:*:*:*",
"matchCriteriaId": "D772D4BA-9ED6-492C-A0D3-0AF4F3D49037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p14:*:*:*:*:*:*",
"matchCriteriaId": "C2A468FE-B59B-4CE9-B9B2-C836EEAFA3E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p15:*:*:*:*:*:*",
"matchCriteriaId": "04BECDE0-F082-49FB-ACA2-5C808902AA17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p16:*:*:*:*:*:*",
"matchCriteriaId": "56558FD4-4391-4199-BA6B-B53F5DC30144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p17:*:*:*:*:*:*",
"matchCriteriaId": "69A530D3-B84E-427B-BC92-64BBFEF331BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p18:*:*:*:*:*:*",
"matchCriteriaId": "3C0DCE7F-85A4-44C6-88C8-380B0BBBFA7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p19:*:*:*:*:*:*",
"matchCriteriaId": "180AF8B6-55AE-460C-B613-37FB697B5325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p2:*:*:*:*:*:*",
"matchCriteriaId": "6FCB5528-70FD-4525-A78B-D5537609331A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p20:*:*:*:*:*:*",
"matchCriteriaId": "34B07279-A26A-4EB1-8B33-885AD854018B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p21:*:*:*:*:*:*",
"matchCriteriaId": "97402ADA-AB05-4A92-920D-EA5363424FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p22:*:*:*:*:*:*",
"matchCriteriaId": "697A1D34-FF0C-4F9E-8E91-34404A366D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p23:*:*:*:*:*:*",
"matchCriteriaId": "9030D096-87A1-4AFF-BB7C-CE71990005B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p24:*:*:*:*:*:*",
"matchCriteriaId": "F211A8B1-E33E-49BE-9C18-31B1902EB4FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p25:*:*:*:*:*:*",
"matchCriteriaId": "4152CEA2-9DC1-4567-BAB3-9C36F74F77EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p26:*:*:*:*:*:*",
"matchCriteriaId": "9BC02B35-7FC4-41AB-8D2E-2CD1896D84C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p27:*:*:*:*:*:*",
"matchCriteriaId": "0294CB8B-B0AF-4A5C-B6B2-33F5BFFFBD4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p28:*:*:*:*:*:*",
"matchCriteriaId": "968A75B4-6D23-4B83-A8B5-777D8F151E04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p29:*:*:*:*:*:*",
"matchCriteriaId": "5E11BC24-56A3-4CAB-B0B2-D2430CD80767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p3:*:*:*:*:*:*",
"matchCriteriaId": "EF2EE32D-04A5-46EA-92F0-3C8D74A4B82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p30:*:*:*:*:*:*",
"matchCriteriaId": "50FB0099-0495-4735-9398-7F7E657F459B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p31:*:*:*:*:*:*",
"matchCriteriaId": "FAE2858A-6D9E-4D79-AFA6-69C44D6D8C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p31.1:*:*:*:*:*:*",
"matchCriteriaId": "5C1D9EB8-E3FE-4BF3-8517-603BA4B126C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p32:*:*:*:*:*:*",
"matchCriteriaId": "50A296BC-6DA4-41B2-923A-0633566AD6C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p33:*:*:*:*:*:*",
"matchCriteriaId": "C066ED38-1175-48FB-BE05-BE0C19E9EBE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p34:*:*:*:*:*:*",
"matchCriteriaId": "89B3EF32-B474-44DB-AE30-CD308CDC5A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p35:*:*:*:*:*:*",
"matchCriteriaId": "A9ECCB00-F3F4-4EB7-9FD0-4CB64678B129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p36:*:*:*:*:*:*",
"matchCriteriaId": "37739F7A-490F-42A8-B97D-D09A3EDB85DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p37:*:*:*:*:*:*",
"matchCriteriaId": "518662DA-C0F3-4875-86D7-5ED2B2496CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p38:*:*:*:*:*:*",
"matchCriteriaId": "64B28BE5-F35D-4AB0-A321-CEAE21BC26FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p39:*:*:*:*:*:*",
"matchCriteriaId": "9DFBABD6-70F2-4E3B-A9C0-82DE76D48542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p4:*:*:*:*:*:*",
"matchCriteriaId": "BB3C28CA-4C22-423E-B1C7-CBAFBB91F4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p40:*:*:*:*:*:*",
"matchCriteriaId": "0D2D6DBD-560A-4F8E-B2CC-67A564C460A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p41:*:*:*:*:*:*",
"matchCriteriaId": "BFBC20F8-7F50-4D9D-8442-3397DED4B18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p42:*:*:*:*:*:*",
"matchCriteriaId": "D175FCA2-F902-4470-BFF6-5EC2F31BB06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p43:*:*:*:*:*:*",
"matchCriteriaId": "5516ED19-5648-4BC8-A9C2-6EE41B1794C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p44:*:*:*:*:*:*",
"matchCriteriaId": "28D5F229-EE33-42C4-A26D-23BC760720A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p45:*:*:*:*:*:*",
"matchCriteriaId": "A00BE897-F462-4193-BF51-4381B04C076B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p46:*:*:*:*:*:*",
"matchCriteriaId": "8D93DABB-4E8B-4DB4-BCD5-D495933D0223",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p5:*:*:*:*:*:*",
"matchCriteriaId": "A9A1314A-20C8-42D7-9387-D914999EEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p6:*:*:*:*:*:*",
"matchCriteriaId": "CEF091C5-8DC6-4A41-9E84-F53BE703F71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p7:*:*:*:*:*:*",
"matchCriteriaId": "ACD65C28-9716-4073-8613-C4AF12684760",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p8:*:*:*:*:*:*",
"matchCriteriaId": "2C58AFFF-848F-490D-A95C-03A267C2DC98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p9:*:*:*:*:*:*",
"matchCriteriaId": "B62DC188-89A8-4AEA-90AE-563F0BBEFC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32AFCE22-5ADA-4FF7-A165-5EC12B325DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "D3577FE6-F1F4-4555-8D27-84D6DE731EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "931BD98E-1A5F-4634-945B-BDD7D2FAA8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "2E7C0A57-A887-4D29-B601-4275313F46B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "B7248B91-D136-4DD5-A631-737E4C220A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "494F6FD4-36ED-4E40-8336-7F077FA80FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "9DF8C0CE-A71D-4BB1-83FB-1EA5ED77E0C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "E0648498-2EE5-4B68-8360-ED5914285356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "24282FF8-548B-415B-95CA-1EFD404D21D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "ACFDF2D9-ED72-4969-AA3B-E8D48CB1922D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "2B7D0A8B-7A72-4C1A-85F2-BE336CA47E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "019AFC34-289E-4A01-B08B-A5807F7F909A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "7E7B3976-DA6F-4285-93E6-2328006F7F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "062E586F-0E02-45A6-93AD-895048FC2D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "3EE37BEE-4BDB-4E62-8DE3-98CF74DFBE01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "ADF51BCA-37DD-4642-B201-74A6D1A545FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "39611F3D-A898-4C35-8915-3334CDFB78E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "40AB56B7-7222-4C44-A271-45DFE3673F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p24.1:*:*:*:*:*:*",
"matchCriteriaId": "2AE8F501-4528-4F15-AE50-D4F11FB462DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "AB9E054B-7790-4E74-A771-40BF6EC71610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "DD924E57-C77B-430B-A615-537BB39CEA9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "F43F4AC0-7C82-4CF4-B0C7-3A4C567BC985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "7991F602-41D7-4377-B888-D66A467EAD67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p29:*:*:*:*:*:*",
"matchCriteriaId": "2193FCA2-1AE3-497D-B0ED-5B89727410E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "FA310AFA-492D-4A6C-A7F6-740E82CB6E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "FF95618B-0BFB-403C-83BE-C97879FC866D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p31:*:*:*:*:*:*",
"matchCriteriaId": "A82346A9-9CC2-4B91-BA2F-A815AAA92A7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p32:*:*:*:*:*:*",
"matchCriteriaId": "2E800348-E139-418D-910B-7B3A9E1E721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p33:*:*:*:*:*:*",
"matchCriteriaId": "C7DE1A7E-573B-42F3-B0A4-D2E676954FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p34:*:*:*:*:*:*",
"matchCriteriaId": "E60BC1D0-8552-4E6B-B2C5-96038448C238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p35:*:*:*:*:*:*",
"matchCriteriaId": "3924251E-13B0-420E-8080-D3312C3D54AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p36:*:*:*:*:*:*",
"matchCriteriaId": "AEBE75F9-A494-4C78-927A-EA564BDCCE0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p37:*:*:*:*:*:*",
"matchCriteriaId": "900BECBA-7FDB-4E35-9603-29706FB87BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p38:*:*:*:*:*:*",
"matchCriteriaId": "5024FD58-A3ED-43B1-83EF-F4570C2573BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p39:*:*:*:*:*:*",
"matchCriteriaId": "3CC9D046-4EB4-4608-8AB7-B60AC330A770",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "2AF337B5-B296-449B-8848-7636EC7C46C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p40:*:*:*:*:*:*",
"matchCriteriaId": "A4535EC5-74D5-41E8-95F1-5C033ADB043E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p41:*:*:*:*:*:*",
"matchCriteriaId": "408E1BFD-16AA-458C-B040-04870522FEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p42:*:*:*:*:*:*",
"matchCriteriaId": "205B2CDC-6423-4FD9-9FD0-847ADEB64003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "52232ACA-C158-48C8-A0DB-7689040CB8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "3B4D0040-86D0-46C3-8A9A-3DD12138B9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "D2BB9BC7-078D-4E08-88E4-9432D74CA9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "F04D4B77-D386-4BC8-8169-9846693F6F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "992370FA-F171-4FB3-9C1C-58AC37038CE4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]