Zimbra Collaboration Server 8.8.15 < 8.8.15 Patch 47, 9.x < 9.0.0 Patch 43, 10.0.x < 10.0.12, 10.1.x < 10.1.4 XSS

Version 1.2

Apr 23, 2026, 10:45 PM

CISA reference
CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C")
CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
Exploit attributes ("Exploit available" set to "True")
Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")