Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities – The Hacker News

by [email protected] (The Hacker News) · February 10, 2025

Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions.
The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as an SQL injection bug in the ZimbraSync Service SOAP endpoint affecting –

Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities – The Hacker News

Leave a Reply Cancel reply

Recent Posts