Vulnerability in N/a

CVE-2026-33368

Zimbra Collaboration Suite (ZCS) 10.0 and 10.1 contains a reflected cross-site scripting (XSS) vulnerability in the Classic Webmail REST interface (/h/rest). The application fails to properly sanitize user-supplied input, allowing an unaut…

EPSS: 0.001 (31.7th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References