Zimbra zero-day exploited to steal government emails by four groups
Security Affairs
NOVEMBER 16, 2023
Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The vulnerability is a reflected cross-site scripting (XSS) issue that resides in the Zimbra Classic Web Client, it impacts Zimbra Collaboration (ZCS) 8 before 8.8.15
Let's personalize your content