Headline
About Cross Site Scripting – Zimbra Collaboration (CVE-2025-27915) vulnerability
About Cross Site Scripting – Zimbra Collaboration (CVE-2025-27915) vulnerability. Zimbra Collaboration is a collaboration software suite, somewhat similar to Microsoft Exchange. Exploiting this vulnerability in the web mail client (Classic Web Client) allows an unauthenticated attacker to execute arbitrary JavaScript in the context of the victim’s session. To do this, the attacker only needs to […]
About Cross Site Scripting – Zimbra Collaboration (CVE-2025-27915) vulnerability. Zimbra Collaboration is a collaboration software suite, somewhat similar to Microsoft Exchange. Exploiting this vulnerability in the web mail client (Classic Web Client) allows an unauthenticated attacker to execute arbitrary JavaScript in the context of the victim’s session. To do this, the attacker only needs to send an email with a specially crafted ICS file (iCalendar). The payload is triggered when the message is viewed in the web interface.
⚙️ The vulnerability was patched on January 27 in versions 9.0.0 Patch 44, 10.0.13, 10.1.5, as well as in the unofficial free Zimbra FOSS build from Maldua.
🛠 On September 30, StrikeReady Labs published a vulnerability analysis with a public exploit.
👾 StrikeReady Labs reported the vulnerability was exploited against Brazil’s military in January, before the patch was released. The vulnerability was added to CISA KEV on October 7.
На русском
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Related news
November “In the Trend of VM” (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux. The usual monthly roundup. After several months, here’s a big one. 🔥 🗞 Post on Habr (rus)🗞 Post on SecurityLab (rus)🗒 Digest on the PT website (rus) A total of nine vulnerabilities: 🔻 RCE – Windows Server Update […]
Russian hackers' adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country's State Service for Special Communications and Information Protection (SSSCIP) said. "Hackers now employ it not only to generate phishing messages, but some of the malware samples we have analyzed show clear signs of being generated
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these highlights help you spot what’s coming
A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in ICS calendar files,