CVE-2025-48700

CVSS 6.1 MEDIUM · EPSS 1.8% · ● KEV · CWE-79
In short

Zimbra Collaboration lets an attacker embed malicious code in an e-mail that runs when the recipient opens the message in the Classic UI, potentially exposing sensitive information or giving the attacker control of the recipient's mailbox session.

Technical detail

A Cross-Site Scripting (XSS) vulnerability in the Classic UI of Zimbra Collaboration 8.8.15, 9.0, 10.0, and 10.1 results from insufficient HTML sanitization. Crafted tag structures and attribute values carrying an @import directive let an attacker inject arbitrary JavaScript that executes in the victim's browser session as soon as the message is viewed, with no further interaction, compromising session integrity and enabling theft of credentials or data.

Summary generated and translated by AI from the official description.

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information. This issue arises from insufficient sanitization of HTML content, specifically involving crafted tag structures and attribute values that include an @import directive and other script injection vectors. The vulnerability is triggered when a user views a crafted e-mail message in the Classic UI, requiring no additional user interaction.

CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
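The defensive counterpart of the issue described above, as an added example that is neither Zimbra's code nor part of this advisory: a pre-render scanner for HTML mail bodies, of the kind a mail gateway or webmail sanitizer would run, that flags the CSS @import vector in both `<style>` blocks and `style` attributes, together with inline event-handler attributes and `javascript:` URLs. The sample messages, hostnames and finding labels are constructed for the example.

```python
"""Pre-render scan of an HTML e-mail body for the vectors named in the advisory.

Added example, not Zimbra code. It does not fix the product; it shows the
check a defender would want in front of an HTML renderer: CSS @import in
<style> content or style="" attributes, inline on* handlers, javascript: URLs.
"""
import re
from html.parser import HTMLParser

AT_IMPORT = re.compile(r"@import\b", re.IGNORECASE)
EVENT_ATTR = re.compile(r"^on[a-z]+$", re.IGNORECASE)
JS_URL = re.compile(r"^\s*javascript:", re.IGNORECASE)


class RiskyHTMLScanner(HTMLParser):
    """Collects (finding_kind, evidence) tuples while walking the markup."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []
        self._in_style = False
        self._style_buf = []  # <style> content may arrive in several chunks

    def handle_starttag(self, tag, attrs):
        tag = tag.lower()
        if tag == "script":
            self.findings.append(("script-tag", tag))
        if tag == "style":
            self._in_style = True
            self._style_buf = []
        for name, value in attrs:
            name = name.lower()
            value = value or ""
            if name == "style" and AT_IMPORT.search(value):
                self.findings.append(("style-attr-@import", value))
            elif EVENT_ATTR.match(name):
                self.findings.append(("event-handler-attr", name))
            elif name in ("href", "src", "action") and JS_URL.match(value):
                self.findings.append(("javascript-url", value))

    def handle_data(self, data):
        if self._in_style:
            self._style_buf.append(data)

    def handle_endtag(self, tag):
        if tag.lower() == "style":
            self._in_style = False
            css = "".join(self._style_buf)
            if AT_IMPORT.search(css):
                self.findings.append(("style-block-@import", css.strip()))


def scan_html(body):
    """Return the list of findings for one HTML body (empty list means clean)."""
    scanner = RiskyHTMLScanner()
    scanner.feed(body)
    scanner.close()
    return scanner.findings


def safe_to_render(body):
    """Policy decision: render only bodies with no findings."""
    return not scan_html(body)


# Constructed sample messages (hostnames are placeholders, not real IoCs).
BENIGN_MAIL = (
    '<html><body><p style="color:#333">Quarterly report attached.</p>'
    '<a href="https://example.com/report">Open</a></body></html>'
)
SUSPECT_MAIL = (
    '<html><head><style>body{color:#000} '
    '@import url("https://attacker.example/x.css");</style></head>'
    '<body><div style="@import url(https://attacker.example/y.css)">hi</div>'
    '<img src="x" onerror="/* constructed */">'
    '<a href="javascript:void(0)">x</a></body></html>'
)

if __name__ == "__main__":
    for label, body in (("benign", BENIGN_MAIL), ("suspect", SUSPECT_MAIL)):
        print(label, "render" if safe_to_render(body) else "quarantine")
        for kind, evidence in scan_html(body):
            print("  ", kind, "->", evidence[:60])
```

The scanner is deliberately an allow/deny gate rather than a rewriter: stripping the offending attribute in place is where sanitizers historically go wrong, so a gateway that cannot prove a body clean should fall back to the plain-text part or a text-only rendering.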
Affected products
n/a · n/a
