Описание
SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.
SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-25065
- https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes
- https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes
- https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P43#Security_Fixes
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
Связанные уязвимости
CVSS3: 5.3
nvd
около 1 года назад
SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.