CuraSec

tag: Email-Security · 1 items

2026-07-11 · The Hacker News · source ↗ #zimbra#stored-xss#email-security
  • Engineer — Plan: If you run Zimbra Classic Web Client, apply the vendor-issued update promptly — stored XSS via crafted email is a practical account-takeover vector, but no public PoC or active exploitation is confirmed yet.
  • SOC/IR — Skip
  • Leader — Skip