DEV Community

NetSecOpsIO
NetSecOpsIO

Posted on • Originally published at cyber.netsecops.io on

Urgent Patch Advisory: Critical Stored XSS Flaw in Zimbra Allows Account Takeover via Email

Zimbra has issued an urgent advisory for a critical stored cross-site scripting (XSS) vulnerability in its Classic Web Client. The flaw, which has not yet been assigned a CVE, can be exploited by sending a specially crafted email to a target. When the victim opens the malicious email, the embedded s...

Severity: Critical

Categories: Vulnerability, Phishing, Cyberattack

Read Full Article →

Top comments (0)