VYPR
Unrated severityCISA KEVOSV Advisory· Published Jan 5, 2026· Updated Mar 19, 2026

CVE-2025-66376

CVE-2025-66376

Description

Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

1
CVE-2025-66376 · VYPR