Skip to content
The Nexus
SECURITYJul 11 · 06:45 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

Zimbra is urging customers to apply updates to address a critical security vulnerability in the Classic Web Client that could allow arbitrary code execution via stored cross-site scripting (XSS). The flaw could enable malicious scripts to run in user sessions through specially crafted emails and has not yet been assigned a CVE identifier.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting