Security News > 2023 > July > Zimbra patches zero-day vulnerability exploited in XSS attacks

Zimbra patches zero-day vulnerability exploited in XSS attacks

2023-07-27 18:57

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. [...]

News URL

https://www.bleepingcomputer.com/news/security/zimbra-patches-zero-day-vulnerability-exploited-in-xss-attacks/

#attack #vulnerability #XSS #zeroday #zimbra

Related news

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities (source)
Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
Broadcom fixes three VMware zero-days exploited in attacks (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Zimbra		7	0	40	15	8	63

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.