Exposures › CVE-2025-66376
Synacor ZCS Classic UI XSS via CSS @import in email HTML is actively exploited and linked to ransomware campaigns.
Attackers can inject malicious CSS to execute scripts in the Zimbra Classic UI email interface, enabling credential theft or lateral movement. DIB orgs must patch immediately as this is an actively exploited vulnerability with no disclosed FCA settlement, indicating widespread, avoidable exposure.
Shame score — Active exploitation of a known vulnerability in a widely deployed collaboration suite without a disclosed FCA settlement suggests prolonged neglect or insufficient vendor response.
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability in the Classic UI where attackers could abuse Cascading Style Sheets (CSS) @import directives in email HTML.
No correlated FedRAMP products.