## https://sploitus.com/exploit?id=SAINT:71C6FB74337A5A74CDDDB158E8B0AC37
Added: 08/30/2022
### Background
[Zimbra Collaboration Suite](<https://www.zimbra.com>) is an email, calendar, and collaboration solution for enterprises.
### Problem
A path traversal vulnerability in the `**mboximport**` function could allow a remote attacker to create arbitrary JSP files within the web document root, leading to command execution.
### Resolution
Upgrade to Zimbra Collaboration Suite 8.8.15 patch 31 or 9.0.0 patch 24 or higher.
### References
<https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24#Security_Fixes>
### Platforms
Linux