Zimbra developers released security updates to fix vulnerability that affects all versions of Zimbra. Vulnerability (CVE-2023-41106) could allow an unauthorized attacker to gain access to a Zimbra account.

Security vulnerability is fixed in the following Zimbra versions:

• Daffodil 10.0.3
• 9.0.0 Kepler Patch 35
• 8.8.15 Joule Patch 42

Source: zimbra.com