clayton@site:~/news$ cat cve-2018-6882-synacor-zimbra-collaboration-suite-zcs.log

CVE-2018-6882 — Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability

2022-04-19 • CISA Known Exploited Vulnerability

[event] Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.

> AFFECTED SOFTWARE

Field	Value
Vendor	Synacor
Product	Zimbra Collaboration Suite (ZCS)
CWE	CWE-79
CVE ID	CVE-2018-6882
Date Added	2022-04-19
Due Date	2022-05-10
Ransomware Campaign	Known — this vulnerability has been leveraged in ransomware campaigns

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-05-10

> REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2018-6882