CVE-2025-25065 Information

Feb 04, 2025 cve

Description

SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43 10.0.x before 10.0.12 and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.

Reference

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P43#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Share on: