XXE Vulnerability in ZxChat (ZeXtras Chat) in Synacor Zimbra Collaboration Suite
CVE-2018-20160 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd.
Learn more about our Web Application Penetration Testing UK.