Vulnerability Management

Zimbra urges patching of critical XSS vulnerability in Classic Web Client

Magnifying glass red bug bounty, green binary code, identify and submit vulnerability reports

Zimbra is urging customers to patch a critical stored cross-site scripting (XSS) vulnerability affecting its Classic Web Client. This flaw allows attackers to execute malicious code by sending specially crafted emails, potentially leading to the theft of session data, account settings, or mailbox information. The company released Zimbra 10.1.19 to address the issue, which was reported by Google's Threat Analysis Group, based on information published by Bleeping Computer.

The vulnerability, which currently lacks a CVE ID, impacts the Classic Web Client interface of the Zimbra Collaboration suite, used by millions globally, including businesses and government agencies. Successful exploitation could compromise sensitive user data. Zimbra strongly recommends upgrading to version 10.1.19 to mitigate the risk. While not yet confirmed as exploited in the wild, the reporting by Google's Threat Analysis Group is significant, as they often identify exploits used by state-backed actors.

Zimbra products have been a frequent target for Russian state-sponsored hackers, including groups like Winter Vivern and APT29, who have previously exploited similar flaws to steal emails and credentials from government and military organizations. The Cybersecurity and Infrastructure Security Agency (CISA) has issued orders for federal agencies to patch Zimbra vulnerabilities exploited in attacks targeting Ukrainian government entities and has warned of ongoing attacks exploiting other XSS flaws, with thousands of instances remaining vulnerable.

Source: Bleeping Computer

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds