Zimbra Classic Web Client: Critical Stored XSS Flaw
A single crafted email is enough to run attacker-controlled code inside a Zimbra webmail session - no click, no attachment opened, just viewing the message in the Classic Web Client.
CVE: Not yet assi
404-founders.com4 min read