CVE-2021-35207
- Source
- https://cve.org/CVERecord?id=CVE-2021-35207
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-35207.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-35207
- Published
- 2021-07-02T19:15:08.377Z
- Modified
- 2026-03-15T15:14:53.862816Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.0 before 9.0.0 Patch 16. An XSS vulnerability exists in the login component of Zimbra Web Client, in which an attacker can execute arbitrary JavaScript by adding executable JavaScript to the loginErrorCode parameter of the login url.
- References
Affected packages
Git / github.com/zimbra/zm-build
Affected ranges
- Type
- GIT
- Repo
- https://github.com/zimbra/zm-build
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "8.8.15-NA" }, { "introduced": "0" }, { "last_affected": "8.8.15-p1" }, { "introduced": "0" }, { "last_affected": "8.8.15-p11" }, { "introduced": "0" }, { "last_affected": "8.8.15-p20" }, { "introduced": "0" }, { "last_affected": "8.8.15-p3" }, { "introduced": "0" }, { "last_affected": "8.8.15-p5" }, { "introduced": "0" }, { "last_affected": "9.0.0-NA" }, { "introduced": "0" }, { "last_affected": "9.0.0-p1" }, { "introduced": "0" }, { "last_affected": "9.0.0-p4" }, { "introduced": "0" }, { "last_affected": "9.0.0-p7" } ] }
Affected versions
8.*
8.7.10
8.7.11
8.7.6
8.7.7
8.7.9
8.8.0.beta1
8.8.10
8.8.11
8.8.11.p3
8.8.12
8.8.15
8.8.2
8.8.3
8.8.4
8.8.6
8.8.7
8.8.8
8.8.9
8.8.9.p1
8.8.9.p3
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-35207.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "8.8"
},
{
"fixed": "8.8.15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p19"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p21"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p22"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-p9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-p9"
}
]
}
]