-
CISA Warns of Zimbra Collaboration Suite (ZCS) Vulnerability Exploited in Attacks
08 Jul 2025 14:08 GMT
… within the ProxyServlet component of Zimbra Collaboration Suite.
This security … Factors
Details
Affected Products
Synacor Zimbra Collaboration Suite (ZCS)
Impact … remediation guidance.
Organizations using Zimbra Collaboration Suite must prioritize immediate …
-
CISA Issues Alert Over Actively Exploited Flaw in Zimbra Collaboration Suite
08 Jul 2025 06:57 GMT
… exploited vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS), urging … vulnerability impacts multiple versions of Zimbra Collaboration Suite, including:
ZCS … issued patches and mitigations for Zimbra Collaboration Suite immediately.
Follow BOD …
-
Zimbra Classic Web Client Vulnerability Let Attackers Execute Arbitrary JavaScript
24 Jun 2025 19:03 GMT
… risks to organizations using affected Zimbra installations, prompting immediate patch deployment … execution
Exploit Prerequisites
Access to Zimbra Classic Web Client interface, … script injection.
The following Zimbra versions have received critical security …
-
Zimbra CVE-2024-27443 XSS Flaw Hits 129K Servers, Sednit Suspected
24 May 2025 14:43 GMT
… CVE-2024-27443, in Zimbra Collaboration Suite’s CalendarInvite feature … a significant number of Zimbra Collaboration Suite instances were … , 33,614 on-premises Zimbra hosts were identified, often … advised to update their Zimbra Collaboration Suite to these …
-
U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog
21 May 2025 14:19 GMT
… Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws … Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws … (CVSS score: 6.1) Synacor Zimbra Collaboration Suite (ZCS) Cross-Site …
-
Zimbra Collaboration Server GraphQL Vulnerability Exposes Sensitive User Data
30 Apr 2025 10:13 GMT
… trapped page while logged into Zimbra.
Zimbra’s security team credited … High)
Affected Versions and Mitigation
Zimbra confirmed the vulnerability impacts all … mechanisms becomes non-negotiable.
Zimbra administrators should apply patches immediately …
-
Zimbra Collaboration GraphQL Flaw Lets Hackers Steal User Information
30 Apr 2025 10:13 GMT
… Forgery (CSRF) vulnerability in Zimbra Collaboration Suite (ZCS) versions … bypass standard security checks.
Zimbra Collaboration, used by over … attacks.
Mitigation and Patches
Zimbra released version 10.1 … .
In an advisory, Zimbra confirmed the vulnerability’s …
-
Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications
28 Feb 2025 03:18 GMT
… services like Dropbox, Twitter, and Zimbra for command-and-control (C2 … Dropbox APIs, Twitter tokens, and Zimbra webmail APIs as C2 tunnels … Twitter status updates.
Zimbra Variant: This version leverages Zimbra’s webmail service …
-
‘I Zimbra’: the song that set the Talking Heads apart
27 Feb 2025 09:23 GMT
… album’s lead track ‘I, Zimbra’ welcomes the listeners with African … for the project, and ‘I Zimbra’ soundtracking their newfound ability to …
-
U.S. CISA adds Microsoft Partner Center and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
26 Feb 2025 10:17 GMT
… Microsoft Partner Center and Synacor Zimbra Collaboration Suite flaws to its … Microsoft Partner Center and Synacor Zimbra Collaboration Suite vulnerabilities to its … are:
CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site …
About
© 1995-2025