Security News > 2025 > February > Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities
2025-02-10 09:09
Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions. The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as an SQL injection bug in the ZimbraSync Service SOAP endpoint affecting
News URL
https://thehackernews.com/2025/02/zimbra-releases-security-updates-for.html
Related news
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Qualcomm pledges 8 years of security updates for Android kit using its chips (YMMV) (source)
- Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack (source)
- Update Your iPhone Now to Fix Safari Security Flaw (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)