Unrated severityCISA KEVOSV Advisory· Published Jan 5, 2026· Updated Mar 19, 2026
CVE-2025-66376
CVE-2025-66376
Description
Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <10.0.18, <10.1.13
Patches
Vulnerability mechanics
References
5News mentions
1- 23rd March – Threat Intelligence ReportCheck Point Research · Mar 23, 2026