Zimbra zero-day vulnerability actively exploited to steal emails

[Shane1145]

A cross-site scripting (XSS) Zimbra security vulnerability is actively exploited in attacks targeting European media and government organizations.

Zimbra is an email and collaboration platform that also includes instant messaging, contacts, video conferencing, file sharing, and cloud storage capabilities.


https://www.bleepingcomputer.com/news/s ... al-emails/