KEVIntel
PRO Back to KEVs
6.1
CVSS
Medium

CVE-2025-48700

PUBLISHED

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra...

1 day faster than CISA KEV

Exploited in the wild Remote Low complexity
Vendor
Zimbra
Product
Zimbra Collaboration (ZCS)
Published
Jun 23, 2025
EPSS
18.2% · 95% pctl

Automate this intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Learn about Pro

Description

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information. This issue arises from insufficient sanitization of HTML content, specifically involving crafted tag structures and attribute values that include an @import directive and other script injection vectors. The vulnerability is triggered when a user views a crafted e-mail message in the Classic UI, requiring no additional user interaction.

cisa

Weaknesses (CWE)

  • CWE-79

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS scores

CVSS v3.1 6.1 Medium

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitation status

Exploited in the wild

Recorded 2026-06-01 13:22:22 UTC · CVE

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CVE First 2026-06-01 13:22 UTC
CISA 2026-06-02 14:01 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • KEV confirmed by CISA