Dossier
stored cross-site scripting (XSS)
Coverage of stored cross-site scripting (XSS) in the Nexus archive.
- Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions
Zimbra is urging customers to apply updates to address a critical security vulnerability in the Classic Web Client that could allow arbitrary code execution via stored cross-site scripting (XSS). The flaw could enable malicious scripts to run in user sessions through specially crafted emails and has not yet been assigned a CVE identifier.