Product
An unauthenticated remote attacker can exploit a Cross-Site Scripting (XSS) vulnerability in the Synacor Zimbra Classic Web Client, allowing the attacker to inject malicious scripts into web pages viewed by other users, potentially leading to session hijacking, data theft, or defacement.