CVE-2020-13653
Zimbra Collaboration Suite Webmail contains a cross-site scripting (XSS) vulnerability in versions before 8.8.15 Patch 11 and in 9.x before 9.0.0 Patch 4. The flaw allows an attacker to inject JavaScript into a user’s account name, which can be reflected and executed when changing an e‑mail signa...