Zimbra Multiple Vulnerabilities
RISK: High Risk
TYPE: Servers - Internet App Servers

Multiple vulnerabilities were identified in Zimbra. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, spoofing, security restriction bypass and sensitive information disclosure on the targeted system.
Note:
CVE-2025-68645 is being exploited in the wild. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influence internal request dispatching, allowing sensitive information disclosure on the targeted system. Hence, the risk level is raised from Medium Risk to High Risk.
CVE-2025-66376 is being exploited in the wild. This vulnerability allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message. Hence, the risk level is rated as High Risk.
[Updated on 2026-01-23]
Updated Description, Risk Level, Vulnerability Identifier and Related Links.
[Updated on 2026-03-19]
Updated Description and Related Links.
Impact
- Security Restriction Bypass
- Spoofing
- Information Disclosure
- Cross-Site Scripting
System / Technologies affected
- Zimbra Daffodil prior to 10.0.18
- Zimbra Daffodil prior to 10.1.13
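Two checks a defender can run straight from this advisory, written here as an added example (not code from Zimbra or from the advisory's publisher): an affected-version test against the two fixed releases listed above, and a triage filter for the CSS @import directives in HTML mail that the note on CVE-2025-66376 names as the XSS vector. The version-string format ("major.minor.patch" with an optional build suffix), the sample message and the example.invalid host are assumptions constructed for the example; the filter is regex-based triage for a mail gateway or log review, not a complete HTML/CSS sanitizer.

```python
import re
from typing import List, Optional

# Fixed releases named in the advisory, keyed by the Zimbra 10.x branch.
# Assumption: version strings look like "10.0.17" or "10.1.12_GA".
FIXED_RELEASES = {
    (10, 0): (10, 0, 18),
    (10, 1): (10, 1, 13),
}


def parse_version(text: str) -> tuple:
    """Turn '10.1.12' (or '10.1.12_GA') into the tuple (10, 1, 12)."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised Zimbra version: {text!r}")
    return tuple(int(p) for p in m.groups())


def is_affected(version: str) -> Optional[bool]:
    """True if below the fixed release of its branch, False if at or above it,
    None if the branch is not one the advisory lists (no conclusion from this page)."""
    v = parse_version(version)
    fixed = FIXED_RELEASES.get(v[:2])
    if fixed is None:
        return None
    return v < fixed


# --- CSS @import triage for inbound HTML mail --------------------------------
# The advisory says the stored XSS is reached through @import directives in CSS
# inside an HTML message, so a gateway can flag or strip those rules while the
# patch is pending. Escaped or obfuscated at-rules are out of scope for this
# regex-based filter; treat hits as a triage signal, not as proof of an attack.
STYLE_BLOCK = re.compile(r"<style\b[^>]*>(.*?)</style>", re.I | re.S)
STYLE_ATTR = re.compile(r"""style\s*=\s*(?:"([^"]*)"|'([^']*)')""", re.I | re.S)
IMPORT_RULE = re.compile(r"@import\b[^;]*;?", re.I | re.S)


def find_css_imports(html: str) -> List[str]:
    """Return every @import rule found in <style> blocks or style="" attributes."""
    found = []
    for block in STYLE_BLOCK.finditer(html):
        found.extend(r.strip() for r in IMPORT_RULE.findall(block.group(1)))
    for attr in STYLE_ATTR.finditer(html):
        css = attr.group(1) if attr.group(1) is not None else attr.group(2)
        found.extend(r.strip() for r in IMPORT_RULE.findall(css))
    return found


def strip_css_imports(html: str) -> str:
    """Remove @import rules from <style> blocks and style attributes, keeping other CSS."""
    def clean_block(m):
        head = m.group(0)[: m.start(1) - m.start(0)]   # "<style ...>"
        tail = m.group(0)[m.end(1) - m.start(0):]      # "</style>"
        return head + IMPORT_RULE.sub("", m.group(1)) + tail

    def clean_attr(m):
        css = m.group(1) if m.group(1) is not None else m.group(2)
        quote = '"' if m.group(1) is not None else "'"
        return f"style={quote}{IMPORT_RULE.sub('', css)}{quote}"

    html = STYLE_BLOCK.sub(clean_block, html)
    return STYLE_ATTR.sub(clean_attr, html)


# Constructed sample message (not a real capture): one @import in a <style>
# block and one in an inline style attribute.
SAMPLE_MESSAGE = (
    "<html><head><style>\n"
    '  @import url("https://example.invalid/x.css");\n'
    "  p { color: navy; }\n"
    "</style></head>\n"
    "<body><p style=\"@import 'https://example.invalid/y.css'; font-weight: bold\">"
    "Hello</p></body></html>"
)


if __name__ == "__main__":
    for ver in ("10.0.17", "10.0.18", "10.1.12_GA", "10.1.13", "9.0.0"):
        print(f"{ver:12s} affected={is_affected(ver)}")
    print("imports found:", find_css_imports(SAMPLE_MESSAGE))
    print(strip_css_imports(SAMPLE_MESSAGE))
```

`is_affected` returns `None` rather than `False` for branches the advisory does not cover, so an inventory script cannot silently mark an unlisted 9.x or 10.2 host as safe on the strength of this page alone.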
Solutions
Before installing the software, please visit the vendor website for more details.
Apply fixes issued by the vendor:
- https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.13#Security_Fixes
- https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.18#Security_Fixes
Related Link
- https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.13#Security_Fixes
- https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.18#Security_Fixes
- https://www.cisa.gov/news-events/alerts/2026/01/22/cisa-adds-four-known-exploited-vulnerabilities-catalog
- https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-adds-one-known-exploited-vulnerability-catalog