Cyber Security News

Hackers are Actively Exploiting Zero-day Flaw in Zimbra Server

Zimbra is a widely used email client used by many organizations worldwide. The Zimbra Collaboration Suite provides a much more comprehensive package of document storage, Editing, instant messaging, mini calendar, and other ease of access administrative controls.

Recent reports indicate that Zimbra Collaboration Suite 8.8.15 had a vulnerability that exists in the mom veto file on the web server relating to XML interpretation by the web server. 

Update on Line number 40

The mom veto file is located in the /opt/zimbra/jetty/webapps/zimbra/m/ folder in which line number 40 was vulnerable since it had a code that does not interpret XML code.

Line number 40: <input name="st" type="hidden" value="${}

The above line does not interpret XML code. 

In order to fix this, Zimbra has recommended their users update the code to the below code.

<input name="st" type="hidden" value="${fn:escapeXml(}"/>

This line interprets XML code and makes the XML characters escape. 

Before updating the above code, it is recommended for users to back up the file. Once after updating the code, Zimbra does not require a restart for this update.

This update must be made on all the mailbox nodes to have the highest level of security on Zimbra servers.

Update in July Patch

The fix for this vulnerability is planned to be released along with the July patch, as mentioned by Zimbra Team.

Users of Zimbra are recommended to take appropriate actions to prevent servers from being exploited by threat actors.

Zimbra, owned by Synacor, is the leading open-source message and collaboration tool used by more than 5000 companies with millions of users worldwide.

The company has a revenue of $5.2 million as of 2022, with more than 500 employees all over the world.


Eswar is a Cyber security reporter with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is reporting data breach, Privacy and APT Threats.

Recent Posts

WhatsApp Secret Code Feature Lets Users Set Unique Locked Chat Passwords

WhatsApp has announced the rollout of a new feature to safeguard sensitive conversations. The Secret…

43 seconds ago

SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data

In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii…

12 hours ago

Is Your Online Store Hacked in a Carding Attack? Here’s an Action Plan to Protect

Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using…

15 hours ago

Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and…

16 hours ago

New Android Malware Employs Various Tactics to Deceive Malware Analyst

In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of…

18 hours ago

DJvu Ransomware Mimic as Cracked Software to Compromise Computers

A recent campaign has been observed to be delivering DJvu ransomware through a loader that…

19 hours ago