CVE-2012-0903 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop 7.1.2 b10978 allow remote attackers to inject arbitrary web script or HTML via the (1) Username or (2) MailBox Name.

Reference

http://packetstormsecurity.org/files/view/108715/VL-378.txt http://seclists.org/fulldisclosure/2012/Jan/244 http://www.securityfocus.com/bid/51436 http://www.vulnerability-lab.com/get_content.php?id=378 https://exchange.xforce.ibmcloud.com/vulnerabilities/72405