CNNVD-202506-2953 Information
CNNVD ID
CNNVD-202506-2953
Related CVE
- CNNVD Published: 2025-06-23
Description (Chinese)
Zimbra Collaboration是Zimbra公司的一个开源企业级电子邮件与协作平台,支持邮件、日历、文档管理及团队协作功能。 Zimbra Collaboration 8.8.15版本、9.0版本、10.0版本和10.1版本存在安全漏洞,该漏洞源于HTML内容清理不足导致跨站脚本攻击。
Description (English)
Zimbra Collaboration is an open-source enterprise e-mail and collaboration platform for Zimbra to support mail, calendar, document management and teamwork functions. There is a security loophole in Zimbra Collaboration, Versions 8.8.15, 9.0, 10.0 and 10.1, which stems from inadequate HTML content clearance leading to a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Zimbra
Published
2025-06-23
Last Modified
2026-02-24
References
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy https://wiki.zimbra.com/wiki/Security_Center https://access.redhat.com/security/cve/cve-2025-48700
Patch
https://wiki.zimbra.com/wiki/Security_Center
Share on: