Zimbra Flaw Exploited by Russia Against NATO Countries Added to CISA ‘Must Patch’ List

04 April 2023
Because of this issue, an endpoint URL may accept parameters without sanitization, which could allow an unauthenticated attacker to provide crafted request parameters leading to the execution of arbitrary web scripts or HTML code.