Product
A critical cross-site scripting (XSS) vulnerability, affecting Synacor Zimbra Collaboration versions prior to 10.1.19, allows an attacker to achieve remote indirect code injection, potentially leading to session hijacking, data exfiltration, or defacement.