The Zimbra webmail solution is affected by two serious vulnerabilities that could allow an attacker to gain complete access to an organisation’s sent and received emails. Zimbra released patches in June for these vulnerabilities, which a researcher at SonarSource discovered. CVE-2021-35208, the first of these vulnerabilities, is a stored cross-site scripting vulnerability affecting the Document […]