CVE-2025-48700

⚠ KEVEPSS 18.2%

Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

Added to CISA KEV: 4/20/2026

Description

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information.

Affected packages (0)

No package mapping in OSV.