
Zimbra 10.1.19 Fixes Stored XSS Flaw Triggered by Crafted Emails
Zimbra has released version 10.1.19 of its Collaboration Suite (ZCS), codenamed “Daffodil,” addressing a stored cross-site scripting (XSS) vulnerability in the Classic Web Client. The patch, released on July 7, 2026, closes a flaw that allowed attackers to execute malicious scripts within a victim’s active session simply by sending a specially crafted email. The stored […]
The post Zimbra 10.1.19 Fixes Stored XSS Flaw Triggered by Crafted Emails appeared first on Cyber Security News.