cve detail

CVE-2020-7796

naam

Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery vulnerability if WebEx zimlet installed and zimlet JSP is enabled.

KEV

bekend misbruikt

EPSS

percentiel

vendor

Synacor

product

Zimbra Collaboration Suite

toegevoegd aan KEV

17 feb 2026

due date

10 mrt 2026

ransomware

Unknown

CWE

CWE-918

EPSS datum

aanbevolen actie

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

notities

https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P7 ; https://nvd.nist.gov/vuln/detail/CVE-2020-7796