Zimbra is urging customers to patch a critical stored cross-site scripting (XSS) vulnerability affecting its Classic Web Client. This flaw allows attackers to execute malicious code by sending specially crafted emails, potentially leading to the theft of session data, account settings, or mailbox information. The company released Zimbra 10.1.19 to address the issue, which was reported by Google's Threat Analysis Group, based on information published by Bleeping Computer.The vulnerability, which currently lacks a CVE ID, impacts the Classic Web Client interface of the Zimbra Collaboration suite, used by millions globally, including businesses and government agencies. Successful exploitation could compromise sensitive user data. Zimbra strongly recommends upgrading to version 10.1.19 to mitigate the risk. While not yet confirmed as exploited in the wild, the reporting by Google's Threat Analysis Group is significant, as they often identify exploits used by state-backed actors.Zimbra products have been a frequent target for Russian state-sponsored hackers, including groups like Winter Vivern and APT29, who have previously exploited similar flaws to steal emails and credentials from government and military organizations. The Cybersecurity and Infrastructure Security Agency (CISA) has issued orders for federal agencies to patch Zimbra vulnerabilities exploited in attacks targeting Ukrainian government entities and has warned of ongoing attacks exploiting other XSS flaws, with thousands of instances remaining vulnerable.Source: Bleeping Computer
Vulnerability Management
Zimbra urges patching of critical XSS vulnerability in Classic Web Client

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



