Zimbra Classic Web Client stored XSS cross-site scripting flaw
Vulnerability
Summary
Hide ▲
Show ▼
Zimbra fixed a critical stored XSS flaw in the Classic Web Client that could let a specially crafted email run malicious code in a user's session. The weakness could expose mailbox information, session data, or account settings, creating account-compromise risk. Zimbra says customers should upgrade to Zimbra Collaboration Suite 10.1.19 to reduce exposure.
Related Happenings
APT28 Operation GhostMail Zimbra phishing campaign targeting Ukrainian government entities
Campaign
H score37
First: 19.03.2026 16:55
Last: 19.03.2026 16:55
Sources 1
About this happening:
**APT28**’s **Operation GhostMail** is actively targeting **Ukrainian government entities** through a phishing chain that exploits **CVE-2025-66376** in **Zimbra Collaboration Sui...
APT28 Operation GhostMail Zimbra phishing campaign targeting Ukrainian government entities
CampaignAbout this happening: **APT28**’s **Operation GhostMail** is actively targeting **Ukrainian government entities** through a phishing chain that exploits **CVE-2025-66376** in **Zimbra Collaboration Sui...
CISA BOD 22-01 Zimbra patch order
Public Sector Action
H score34
First: 18.03.2026 21:57
Last: 18.03.2026 21:57
Sources 1
About this happening:
**CISA** ordered **Federal Civilian Executive Branch agencies** to secure **Zimbra Collaboration Suite (ZCS)** servers against **CVE-2025-66376**, an **actively exploited** flaw t...
CISA BOD 22-01 Zimbra patch order
Public Sector ActionAbout this happening: **CISA** ordered **Federal Civilian Executive Branch agencies** to secure **Zimbra Collaboration Suite (ZCS)** servers against **CVE-2025-66376**, an **actively exploited** flaw t...
Timeline
-
11.07.2026 09:45 2 articles · 4h ago
Zimbra urges customers to patch critical stored XSS in Classic Web Client
Initial DisclosureZimbra urges customers to apply updates for a critical stored cross-site scripting flaw in the Classic Web Client that could let a specially crafted email run malicious code in a user's session. If exploited, the issue could expose mailbox information, session data, or account settings, and Zimbra recommends upgrading to Zimbra Collaboration Suite version 10.1.19.
Show sources
- Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions — thehackernews.com — 11.07.2026 09:45
- Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions — thehackernews.com — 11.07.2026 09:45