Zimbra Collaboration, an open-source software suite for collaboration, is utilized by over 5,000 companies and public sector users in more than 140 countries. However, Google TAG discovered a 0-day exploit in June 2023 that targeted Zimbra Collaboration (CVE-2023-37580). Four distinct groups exploited this bug, stealing email data, user credentials, and authentication tokens. The vulnerability, known as Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability, has a base score of 6.1 and a medium severity level. Most of the hacking activity occurred after the initial fix was made public on GitHub. To stay protected, it is recommended to keep software up-to-date and apply security updates promptly. Zimbra released a hotfix on July 5, 2023, and provided an advisory on July 13, 2023. Researchers also identified three threat groups exploiting the vulnerability before the official patch, with a fourth campaign emerging after the fix. The urgency for mail server fixes is underscored by the discovery of these campaigns. Regular XSS exploits highlight the importance of conducting rigorous mail server code audits.
Related Posts

New identical Windows Theme Zero-Day Vulnerability Let Attackers Steal Credentials vulnerability that might allow attackers to obtain NTLM credentials of…

Microsoft has addressed a critical zero-day vulnerability affecting its Windows Smart App Control (SAC) and SmartScreen security features. This vulnerability…

Oracle has issued an urgent security alert regarding a critical vulnerability in its Agile Product Lifecycle Management (PLM) Framework that…