Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

Read full story on The Hacker News
Share
Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions
AI disclosure

Summary

Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution. The vulnerability has been described as a case of stored cross-site scripting (XSS) that could allow specially crafted emails to execute malicious scripts in a user's session. It has yet to be assigned a CVE identifier. "The

Original reporting

Open original source
Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.