CVE-2025-48700: Synacor Zimbra Collaboration Suite (ZCS) Cross-site

Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability. Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information.

• CISA KEV-listed (remediation due 2026-04-23)
• EPSS 18.2% (95.3% percentile)

Browse the CVE database

Read the full analysis on IntelFusions