CVE-2020-7796 — Zimbra Collaboration Suite: server-side template injection leading to remote code execution (RCE)
Zimbra Collaboration Suite is a comprehensive email and collaboration platform designed for businesses and organizations. It offers a range of features, including email, calendar, contacts, and file sharing, making it a popular choice for enterprises seeking to streamline their communication and collaboration needs. The suite is available in both open-source and commercial editions, with the open-source version being widely used by organizations worldwide.

The Account Harvest: From port 7071, she fetches:

/service/proxy?target=https://127.0.0.1:7071/service/admin/soap&ContactEmails=admin@logi-core.local
Mitigation: If patching is not immediately possible, disable the WebEx Zimlet or the associated JSP functionality to close the attack vector.
CVE-2020-27996 is a classic but powerful reflected XSS flaw in Zimbra Collaboration Suite, made severe due to Zimbra’s complex routing and proxy architecture. While its CVSS score is “Medium,” its real-world impact — especially when combined with CVE-2020-27995 — is full system compromise. Administrators must patch immediately or apply strict URL filtering to prevent exploitation.