PT-2025-42914 · Zimbra · Zimbra Collaboration Suite
Published
2025-10-16
·
Updated
2025-10-21
·
CVE-2025-62763
CVSS v3.1
5.0
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Zimbra Collaboration versions prior to 10.1.12
Description
A flaw exists in Zimbra Collaboration Suite (ZCS) due to insufficient input validation. This can allow a remote attacker to perform a Server-Side Request Forgery (SSRF) attack. The vulnerability is related to the configuration of the chat proxy.
Recommendations
Update to version 10.1.12 or later.
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zimbra Collaboration Suite