Zimbra security advisory (AV24-558)

Serial number: AV24-558
Date: October 2, 2024

On September 4, 2024, Zimbra published a security advisory to address a vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in the following products:

• Zimbra Daffodil – multiple versions
• Zimbra – multiple versions

The Cyber Centre has received reports that CVE-2024-45519 may have been exploited.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Patch Release: Multiple security issues related to Cross-Site Scripting (XSS) addressed and resolved