CVE-2025-27915

{"id": "CVE-2025-27915", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2025-03-12T15:15:39.900", "references": [{"url": "https://wiki.zimbra.com/wiki/Security_Center", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.13#Security_Fixes", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.5#Security_Fixes", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P44#Security_Fixes", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://strikeready.com/blog/0day-ics-attack-in-the-wild/", "tags": ["Exploit", "Third Party Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-27915", "tags": ["US Government Resource"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an e-mail message containing a malicious ICS entry, its embedded JavaScript executes via an ontoggle event inside a <details> tag. This allows an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions such as setting e-mail filters to redirect messages to an attacker-controlled address. As a result, an attacker can perform unauthorized actions on the victim's account, including e-mail redirection and data exfiltration."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Zimbra Collaboration (ZCS) 9.0, 10.0 y 10.1. Existe una vulnerabilidad de cross site scripting (XSS) almacenado en el cliente web cl\u00e1sico debido a una depuraci\u00f3n insuficiente del contenido HTML en los archivos ICS. Cuando un usuario visualiza un mensaje de correo electr\u00f3nico que contiene una entrada ICS maliciosa, su JavaScript incrustado se ejecuta mediante un evento ontoggle dentro de una etiqueta . Esto permite a un atacante ejecutar JavaScript arbitrario en la sesi\u00f3n de la v\u00edctima, lo que podr\u00eda provocar acciones no autorizadas, como configurar filtros de correo electr\u00f3nico para redirigir los mensajes a una direcci\u00f3n controlada por el atacante. Como resultado, un atacante puede realizar acciones no autorizadas en la cuenta de la v\u00edctima, como la redirecci\u00f3n de correo electr\u00f3nico y la exfiltraci\u00f3n de datos."}], "lastModified": "2025-11-04T16:45:11.053", "cisaActionDue": "2025-10-28", "cisaExploitAdd": "2025-10-07", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F7A8D86-7352-45D1-A809-D19FCC4A4ED0", "versionEndExcluding": "10.0.13", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD5597BA-6D2C-4E3A-AA67-0F29DA04CA76", "versionEndExcluding": "10.1.5", "versionStartIncluding": "10.1.0"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32AFCE22-5ADA-4FF7-A165-5EC12B325DEF"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3577FE6-F1F4-4555-8D27-84D6DE731EA3"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "931BD98E-1A5F-4634-945B-BDD7D2FAA8B0"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E7C0A57-A887-4D29-B601-4275313F46B3"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7248B91-D136-4DD5-A631-737E4C220A02"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "494F6FD4-36ED-4E40-8336-7F077FA80FA8"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DF8C0CE-A71D-4BB1-83FB-1EA5ED77E0C9"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0648498-2EE5-4B68-8360-ED5914285356"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24282FF8-548B-415B-95CA-1EFD404D21D3"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p17:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACFDF2D9-ED72-4969-AA3B-E8D48CB1922D"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p18:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B7D0A8B-7A72-4C1A-85F2-BE336CA47E0B"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p19:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "019AFC34-289E-4A01-B08B-A5807F7F909A"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E7B3976-DA6F-4285-93E6-2328006F7F4D"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "062E586F-0E02-45A6-93AD-895048FC2D4C"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p21:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EE37BEE-4BDB-4E62-8DE3-98CF74DFBE01"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p22:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADF51BCA-37DD-4642-B201-74A6D1A545FF"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p23:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39611F3D-A898-4C35-8915-3334CDFB78E5"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p24:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40AB56B7-7222-4C44-A271-45DFE3673F72"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p24.1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AE8F501-4528-4F15-AE50-D4F11FB462DE"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB9E054B-7790-4E74-A771-40BF6EC71610"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD924E57-C77B-430B-A615-537BB39CEA9C"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p27:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F43F4AC0-7C82-4CF4-B0C7-3A4C567BC985"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p28:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7991F602-41D7-4377-B888-D66A467EAD67"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p29:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2193FCA2-1AE3-497D-B0ED-5B89727410E3"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA310AFA-492D-4A6C-A7F6-740E82CB6E57"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p30:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF95618B-0BFB-403C-83BE-C97879FC866D"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p31:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A82346A9-9CC2-4B91-BA2F-A815AAA92A7F"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p32:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E800348-E139-418D-910B-7B3A9E1E721C"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p33:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7DE1A7E-573B-42F3-B0A4-D2E676954FE0"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p34:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E60BC1D0-8552-4E6B-B2C5-96038448C238"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p35:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3924251E-13B0-420E-8080-D3312C3D54AF"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p36:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEBE75F9-A494-4C78-927A-EA564BDCCE0B"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p37:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "900BECBA-7FDB-4E35-9603-29706FB87BD2"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p38:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5024FD58-A3ED-43B1-83EF-F4570C2573BA"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p39:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CC9D046-4EB4-4608-8AB7-B60AC330A770"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AF337B5-B296-449B-8848-7636EC7C46C5"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p40:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4535EC5-74D5-41E8-95F1-5C033ADB043E"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p41:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "408E1BFD-16AA-458C-B040-04870522FEBD"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p42:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "205B2CDC-6423-4FD9-9FD0-847ADEB64003"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p43:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAE21C69-F080-4CE2-A39E-BF3509FB2005"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52232ACA-C158-48C8-A0DB-7689040CB8FB"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B4D0040-86D0-46C3-8A9A-3DD12138B9ED"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2BB9BC7-078D-4E08-88E4-9432D74CA9BA"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F04D4B77-D386-4BC8-8169-9846693F6F11"}, {"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "992370FA-F171-4FB3-9C1C-58AC37038CE4"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability"}