Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution.

The vulnerability has been described as a case of stored cross-site scripting (XSS) that could allow specially crafted emails to execute malicious scripts in a user’s session. It has yet to be assigned a CVE identifier.

“The

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

URGENT – Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

Related Posts
Total
0
Share