{"id":"CVE-2022-24682","details":"An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document.","modified":"2026-04-10T04:45:48.419912Z","published":"2022-02-09T04:15:07.400Z","references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24682"},{"type":"ADVISORY","url":"https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P30"},{"type":"ADVISORY","url":"https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"},{"type":"ADVISORY","url":"https://blog.zimbra.com/2022/02/hotfix-available-5-feb-for-zero-day-exploit-vulnerability-in-zimbra-8-8-15/"},{"type":"ADVISORY","url":"https://wiki.zimbra.com/wiki/Security_Center"},{"type":"EVIDENCE","url":"https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/zimbra/zm-build","events":[{"introduced":"0"},{"fixed":"ac6081fa002b1511e926aba37740d2b6c20f3f43"},{"introduced":"0"},{"last_affected":"ac6081fa002b1511e926aba37740d2b6c20f3f43"},{"introduced":"0"},{"last_affected":"29eea219faf34718f0ef1cda7c3f02c89910c96c"},{"introduced":"0"},{"last_affected":"29eea219faf34718f0ef1cda7c3f02c89910c96c"},{"introduced":"0"},{"last_affected":"62480d2f6aace77ee01bb4b8f46a3eff49cbdfd3"},{"introduced":"0"},{"last_affected":"71b1626efff0a90ba64ff3e5ab192683e6dccc9a"},{"introduced":"0"},{"last_affected":"905970576d6fe337150f09c0ad7a0f53aa1a8f42"},{"introduced":"0"},{"last_affected":"0e40da921adb967639011de45841cef4c4601413"}],"database_specific":{"versions":[{"introduced":"8.8.0"},{"fixed":"8.8.15"},{"introduced":"0"},{"last_affected":"8.8.15-NA"},{"introduced":"0"},{"last_affected":"8.8.15-p1"},{"introduced":"0"},{"last_affected":"8.8.15-p11"},{"introduced":"0"},{"last_affected":"8.8.15-p20"},{"introduced":"0"},{"last_affected":"8.8.15-p26"},{"introduced":"0"},{"last_affected":"8.8.15-p3"},{"introduced":"0"},{"last_affected":"8.8.15-p5"}]}},{"type":"GIT","repo":"https://github.com/zimbra/zm-mailbox","events":[{"introduced":"0"},{"last_affected":"e9ebb1ed89f27827ea1963d1329b1f8335aba9ac"},{"introduced":"0"},{"last_affected":"7a895cdd697874d0b3e8b8caf58aca8587370df3"},{"introduced":"0"},{"last_affected":"befb6e4bf13dd05d09ecc82054e8eb1ef68ddcf5"},{"introduced":"0"},{"last_affected":"f2c89b7483feeb0e5230960ed59ecb8edb903507"},{"introduced":"0"},{"last_affected":"91cb5232eaceb21fe2ef176ea6b7835ed78ae185"},{"introduced":"0"},{"last_affected":"7a1bb7c8d0dafd59a551674e52c0b472d4cf275b"},{"introduced":"0"},{"last_affected":"60555cd490710748f161320029fcbdfc3379adfd"},{"introduced":"0"},{"last_affected":"abdcfc1e99045bfc2a7fd5d1aaa8e9769e478952"},{"introduced":"0"},{"last_affected":"8dd758add476db0ee9a7c1abab136e30ebde01b2"},{"introduced":"0"},{"last_affected":"e067b8c20a2c01c947342c4f3c625b40b08b918f"},{"introduced":"0"},{"last_affected":"9ce56d132f0d6668a108f53199cf4c6bf5d6c505"},{"introduced":"0"},{"last_affected":"5b8551b2bfdfc49af4ef5c7ca75f9c5061635031"},{"introduced":"0"},{"last_affected":"e3813a02221fd56ec25139371411b2cd781e2c13"},{"introduced":"0"},{"last_affected":"c1ce7ee805ce42b0ed8be10adbad7983dbf38c6f"},{"introduced":"0"},{"last_affected":"efd11afe1b526bb03f59b699aaadf6a1449e0244"},{"introduced":"0"},{"last_affected":"d093cdf68ec6716be445c653277f602739a5086b"},{"introduced":"0"},{"last_affected":"a12b964a206748de6db6dc1da2ee16249aabafce"},{"introduced":"0"},{"last_affected":"58996926d8f031827e03ec788d69fd2d16739b1a"},{"introduced":"0"},{"last_affected":"d31ba9d45eb31100ea30461dd859a5a9663b1e4a"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"8.8.15-p10"},{"introduced":"0"},{"last_affected":"8.8.15-p12"},{"introduced":"0"},{"last_affected":"8.8.15-p13"},{"introduced":"0"},{"last_affected":"8.8.15-p14"},{"introduced":"0"},{"last_affected":"8.8.15-p15"},{"introduced":"0"},{"last_affected":"8.8.15-p16"},{"introduced":"0"},{"last_affected":"8.8.15-p17"},{"introduced":"0"},{"last_affected":"8.8.15-p18"},{"introduced":"0"},{"last_affected":"8.8.15-p2"},{"introduced":"0"},{"last_affected":"8.8.15-p23"},{"introduced":"0"},{"last_affected":"8.8.15-p24"},{"introduced":"0"},{"last_affected":"8.8.15-p25"},{"introduced":"0"},{"last_affected":"8.8.15-p27"},{"introduced":"0"},{"last_affected":"8.8.15-p29"},{"introduced":"0"},{"last_affected":"8.8.15-p4"},{"introduced":"0"},{"last_affected":"8.8.15-p6"},{"introduced":"0"},{"last_affected":"8.8.15-p7"},{"introduced":"0"},{"last_affected":"8.8.15-p8"},{"introduced":"0"},{"last_affected":"8.8.15-p9"}]}},{"type":"GIT","repo":"https://github.com/zimbra/zm-zcs-lib","events":[{"introduced":"0"},{"last_affected":"bd05dc4161a2046d2972fb744f98675fa0f5b4f0"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"8.8.15-p21"}]}}],"versions":["8.7.6","8.7.7","8.8.10","8.8.12","8.8.15","8.8.15.U20","8.8.15.p1","8.8.15.p10","8.8.15.p11","8.8.15.p12","8.8.15.p13","8.8.15.p14","8.8.15.p15","8.8.15.p15.nysa","8.8.15.p16","8.8.15.p17","8.8.15.p18","8.8.15.p2","8.8.15.p20","8.8.15.p21","8.8.15.p23","8.8.15.p24","8.8.15.p25","8.8.15.p26","8.8.15.p27","8.8.15.p29","8.8.15.p3","8.8.15.p4","8.8.15.p5","8.8.15.p6","8.8.15.p7","8.8.15.p8","8.8.15.p9","8.8.2","8.8.3","8.8.4","8.8.5","8.8.6","8.8.7","8.8.8","8.8.9"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.8.15-p19"}]},{"events":[{"introduced":"0"},{"last_affected":"8.8.15-p22"}]},{"events":[{"introduced":"0"},{"last_affected":"8.8.15-p28"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24682.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}