7 matches found
Unpacking the Zimbra Cross-Site Scripting Vulnerability (CVE-2023-37580)
Insights and Protections On November 16, 2023, a significant security concern was published by Google's Threat Analysis Group TAG. They revealed an alarming vulnerability in Zimbra Collaboration, a widely-used email hosting tool for organizations. This vulnerability, designated with an identifier...
Four Threat Actors Capitalized on Zimbra Zero Day to Infiltrate Government Organizations
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A zero-day vulnerability identified as CVE-2023-37580 in Zimbra Collaboration email software has been exploited by four different groups in attacks. These attacks aimed to illicitly obtain email data, us...
CVE-2023-37580
Zimbra Collaboration ZCS 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client...
Zimbra Fixes A Zero-Day Vulnerability Exploited in Attacks
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The vulnerability CVE-2023-37580 in Zimbra Collaboration Suite ZCS version 8.8.15 is a Cross-Site Scripting XSS flaw in the Zimbra Classic Web Client interface. Its impact is severe as it can...
CVE-2023-37580
CVE-2023-37580 – Zimbra Collaboration Suite (ZCS) XSS : The Nuclei template confirms a Cross-Site Scripting vulnerability in ZCS 8.x before 8.8.15 Patch 41, specifically in the Zimbra Classic Web Client. Impact described in the connected doc: successful exploitation could execute arbitrary script...
CVE-2023-37580
creationtimestamp| type| source ---|---|--- 2023-07-27 18:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-07-31 20:37:54+00:00| seen| https://t.me/cibsecurity/67484 2023-11-16 17:59:39+00:00| exploited| https://t.me/KomunitiSiber/1084 2023-11-16 18:23:55+00:00| exploited|...
Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation
Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. "A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced," the...