THREATOPS
THREAT OPSCVEs › CVE-2025-48700

CVE-2025-48700 — Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

CISA KEVExploited: confirmedSynacor

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information.

Vulnerability details

Related reporting