PT-2018-4430 · Zimbra · Zimbra Collaboration Suite
Published: 2018-05-30 · Updated: 2020-06-04 · CVE-2015-7610
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Zimbra Collaboration Suite versions prior to 8.6.0 Patch 10
Zimbra Collaboration Suite versions 8.7.x prior to 8.7.11 Patch 2
Zimbra Collaboration Suite versions 8.8.x prior to 8.8.8 Patch 1
Description
A cross-site request forgery (CSRF) issue exists in the login form, allowing remote attackers to hijack the authentication of victims by exploiting the failure to use a CSRF token.
Recommendations
For Zimbra Collaboration Suite versions prior to 8.6.0 Patch 10, update to version 8.6.0 Patch 10 or later.
For Zimbra Collaboration Suite versions 8.7.x prior to 8.7.11 Patch 2, update to version 8.7.11 Patch 2 or later.
For Zimbra Collaboration Suite versions 8.8.x prior to 8.8.8 Patch 1, update to version 8.8.8 Patch 1 or later.
Fix
CSRF
Weakness Enumeration
Related Identifiers
Affected Products
Zimbra Collaboration Suite