Security News > 2025 > February > Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities

2025-02-10 09:09
Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions. The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as an SQL injection bug in the ZimbraSync Service SOAP endpoint affecting
News URL
https://thehackernews.com/2025/02/zimbra-releases-security-updates-for.html
Related news
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Update Your iPhone Now to Fix Safari Security Flaw (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- Windows "inetpub" security fix can be abused to block future updates (source)