CVE-2024-45515
Published 2025-07-30
Priority: P4 · 27 · Severity: medium
CVSS 3.1: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
EPSS: 0.29% (20.5th percentile)
An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability exists in Zimbra webmail due to insufficient validation of the content type metadata when importing files into the briefcase. Attackers can exploit this issue by crafting a file with manipulated metadata, allowing them to bypass content type checks and execute arbitrary JavaScript within the victim's session.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zimbra | collaboration | <= 10.1.0 | — |
No detection rules found.
No public exploits indexed.
## CVE-2025-67809: Zimbra Collaboration Server vulnerability analysis and mitigation (Wiz)
An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A hardcoded Flickr API key and secret are present in the publicly accessible Flickr Zimlet used by Zimbra Collaboration. Because these credentials are embedded directly in the Zimlet, any unauthorized party could retrieve them and misuse the Flickr integration. An attacker with access to the exposed credentials could impersonate the legitimate application and initiate valid Flickr OAuth flows. If a user is tricked into approving such a request, the attacker could gain access to the user's Flickr data. The hardcoded credentials have since been removed from the Zimlet code, and the associated key has been revoked.
Source: NVD
Score: 4.7
## CVE-2025-68645: Zimbra Collaboration Server vulnerability analysis and mitigation (Wiz)
A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory.
Source: NVD
Score: 8.8
Published: December 22, 2025
Severity: HIGH
CNA Score: 8.8
Affected Technologies: Zimbra Collaboration Server
Has Public Exploit: Yes
Has CISA KEV Exploit: Yes
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 97.7
## CVE-2025-66376: Zimbra Collaboration Server vulnerability analysis and mitigation (Wiz)
Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message.
Source: NVD
Score: 6.1
Published: January 5, 2026
Severity: MEDIUM
CNA Score: 7.2
Affected Technologies: Zimbra Collaboration Server
Has Public Exploit: Yes
Has CISA KEV Exploit: Yes
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 93
Exploitation Probability (EPSS): 10
Affected packages and libraries: cpe:2.3:a:zimbra:collaboration
Sources: NVD
Linux: Severity MEDIUM · Has Fix · Added at: Jan 06, 2026