Security News > 2025 > February > Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities
2025-02-10 09:09
Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions. The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as an SQL injection bug in the ZimbraSync Service SOAP endpoint affecting
News URL
https://thehackernews.com/2025/02/zimbra-releases-security-updates-for.html
Related news
- Windows 11 installation media bug causes security update failures (source)
- Windows 11 Media Update Bug Stops Security Updates (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
- CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List (source)
- Microsoft: January Windows security updates break audio playback (source)
- Microsoft shares workaround for Windows security update issues (source)