CVE-2025-66376

Zimbra Collaboration ZCS 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets CSS @import directives in an HTML e-mail message...

CVE-2025-66376

Zimbra Collaboration ZCS 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets CSS @import directives in an HTML e-mail message...

PT-2026-1290

Name of the Vulnerable Software and Affected Versions Zimbra Collaboration ZCS versions prior to 10.0.18 Zimbra Collaboration ZCS versions prior to 10.1.13 Description The software contains a stored cross-site scripting XSS issue within the Classic UI. This occurs due to Cascading Style Sheets CS...

CVE-2025-66376

Zimbra Collaboration (ZCS) is affected in versions prior to 10.0.18 and prior to 10.1.13. The issue is a stored XSS in the Classic UI triggered by CSS @import directives in HTML emails, caused by improper handling of CSS imports. Impact is stored cross-site scripting within email rendering. Remed...

Zimbra Collaboration 跨站脚本漏洞

Zimbra Collaboration is an open source enterprise email and collaboration platform from Zimbra that supports email, calendaring, document management, and team collaboration features. A cross-site scripting vulnerability exists in Zimbra Collaboration versions prior to 10.0.18 and prior to 10.1.13...