CNNVD-202512-3962 Information
CNNVD ID
CNNVD-202512-3962
Related CVE
- CNNVD Published: 2025-12-22
Description (Chinese)
Zimbra Collaboration是Zimbra公司的一个开源企业级电子邮件与协作平台,支持邮件、日历、文档管理及团队协作功能。 Zimbra Collaboration 10.0版本和10.1版本存在安全漏洞,该漏洞源于RestFilter servlet处理用户输入不当,可能导致本地文件包含。
Description (English)
Zimbra Collaboration is an open-source enterprise e-mail and collaboration platform for Zimbra to support mail, calendar, document management and teamwork functions. There is a security loophole in versions 10.0 and 10.1 of Zimbra Collation, which stems from inappropriate user input processing by RestFilter servicelet, which may lead to local documentation.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Zimbra
Published
2025-12-22
Last Modified
2026-02-24
References
https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy https://access.redhat.com/security/cve/cve-2025-68645
Patch
https://www.zimbra.com/product/download/zimbra-collaboration-network-edition/
Share on: