3 matches found
EUVD-2026-13698
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A cross-site request forgery CSRF vulnerability exists in Zimbra Webmail due to improper validation of CSRF tokens. The application accepts CSRF tokens supplied within the request body instead of requiring them through the expecte...
CVE-2026-33372
CVE-2026-33372 affects Zimbra Collaboration (ZCS) 10.0 and 10.1. A CSRF vulnerability in Zimbra Webmail arises from improper validation of CSRF tokens, accepting tokens in the request body instead of requiring them in the header. An attacker can lure an authenticated user into submitting a crafte...
CVE-2026-33372
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A cross-site request forgery CSRF vulnerability exists in Zimbra Webmail due to improper validation of CSRF tokens. The application accepts CSRF tokens supplied within the request body instead of requiring them through the expecte...