A severe Cross-Site Request Forgery (CSRF) vulnerability in Zimbra Collaboration Suite (ZCS) versions 9.0 to 10.1 has put email servers and user data at risk of exploitation. Tracked as CVE-2025-32354, the flaw allows attackers to hijack authenticated sessions and steal sensitive information, including passwords, contacts, and email content. The flaw resides in Zimbra’s GraphQL endpoint (/service/extension/graphql), […]
The post Zimbra Collaboration GraphQL Flaw Lets Hackers Steal User Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
The original article found on GBHackers Security | #1 Globally Trusted Cyber Security News Platform Read More
