CVE-2016-9924
The CVE-2016-9924 issue affects Zimbra Collaboration Suite (ZCS) prior to 8.7.4, where XML External Entity (XXE) processing could be abused by remote attackers. The root cause is insecure XXE handling within ZCS’s XML processing, enabling an attacker to exploit XXE to disclose sensitive informati...