Zimbra Collaboration
2 CVEs affecting Zimbra Collaboration. Latest disclosed: 2026-01-05. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-66376 | High | 7.2 | 2026-01-05 | Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTM… |
CVE-2025-62763 | Medium | 5.0 | 2025-10-21 | Zimbra Collaboration (ZCS) before 10.1.12 allows SSRF because of the configuration of the chat proxy. |