VDB

CESS-2025-25065

CESS-2025-25065 PUBLISHED CVSS 5.3 MEDIUM

SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.

Risk Scores

CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Timeline

  • Feb 3, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›