Zimbra has issued patches for an actively exploited zero-day flaw in its Zimbra Collaboration Suite email servers two weeks after initial disclosure, reports BleepingComputer. Attacks leveraging the reflected cross-site scripting bug, tracked as CVE-2023-38750, could result in internal JSP and XML file exposure, according to Zimbra, which initially advised only manual mitigation of the vulnerability on impacted mailbox nodes. However, Google Threat Analysis Group researcher Maddie Stone noted that the flaw had been identified amid active exploitation. Attacks leveraging the flaw have prompted its inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities Catalog, with the agency urging the remediation of all vulnerable instances by Aug. 17. "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," said CISA, which also advised the immediate patching of Ivanti Endpoint Manager Mobile instances earlier this week.