CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting

Ask questions about your setup or get help installing ZCS server (ZD section below).
Klug
Ambassador
Ambassador
Posts: 2741
Joined: Mon Dec 16, 2013 11:35 am
Location: France - Drôme
ZCS/ZD Version: All of them
Contact:

Re: CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting

Post by Klug »

Hello David (nice first name, you can trust me on that) and welcome on the forum.

Thank you for the clarifications and fixes about the patch and release notes.

I still cannot access, with my bugzilla account, bugs #108265 or #107925 (the two I've tried).
User avatar
David Bingham
Posts: 4
Joined: Sat Feb 10, 2018 2:04 am
Location: Ottawa, Ontario, Canada

Re: CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting

Post by David Bingham »

Klug wrote:
I still cannot access, with my bugzilla account, bugs #108265 or #107925 (the two I've tried).
In many cases where the bug report includes details of an exploit, as for those two, publication before people have had a chance to patch or upgrade isn't responsible. Now that we have the fixes for those two available in all supported versions, we will be able to open them up, after a sufficient delay (30 days) for folks to patch or upgrade.

Cheers,
David. (yeah, it's a cool name!)
eloy.fernandez
Posts: 1
Joined: Mon Feb 19, 2018 2:04 pm

Re: CVE-2017-8802 Zimbra Collaboration Suite - Stored Cross-Site Scripting

Post by eloy.fernandez »

David Bingham wrote:
Klug wrote:
I still cannot access, with my bugzilla account, bugs #108265 or #107925 (the two I've tried).
In many cases where the bug report includes details of an exploit, as for those two, publication before people have had a chance to patch or upgrade isn't responsible. Now that we have the fixes for those two available in all supported versions, we will be able to open them up, after a sufficient delay (30 days) for folks to patch or upgrade.

Cheers,
David. (yeah, it's a cool name!)
Hi David, any idea when 8.7.11_Patch1 will be released?
Post Reply