Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities

Updated on February 10, 2025

Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions.
The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as an SQL injection bug in the ZimbraSync Service SOAP endpoint affecting…

Read the rest of the story at Read More

Source: The Hacker News

May 21, 2025 Uncategorized

Researchers Expose PWA JavaScript Attack...

May 21, 2025 Uncategorized

Russian Hackers Exploit Email and VPN Vu...

June 23, 2025 Uncategorized

Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities

Related posts

Researchers Expose PWA JavaScript Attack...

Russian Hackers Exploit Email and VPN Vu...

DHS Warns Pro-Iranian Hackers Likely to ...

Leave a Comment Cancel reply

Recent News

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do