CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog

In The Hacker News - Original news source is thehackernews.com by Blog Writer

Post Sharing
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities Catalog to include a recently disclosed zero-day flaw in the Zimbra email platform citing evidence of active exploitation in the wild.
Tracked as CVE-2022-24682 (CVSS score: 6.1), the issue concerns a cross-site scripting (XSS) vulnerability in the Calendar feature in Zimbra