CVE-2022-37043
CVE-2022-37043 affects Zimbra Collaboration Suite webmail (ZCS) 8.8.15 and 9.0.0. The issue is a preauth CSRF flaw where CSRF tokens are not checked on certain POST endpoints, allowing an authenticated user viewing an attacker‑controlled page to cause the application to process requests that appe...