Zimbra developers released security updates to fix vulnerability that affects all versions of Zimbra. An attacker could exploit some of these vulnerabilities to trigger cross-site scripting and denial of service condition on the targeted system.

Security vulnerability is fixed in the following Zimbra versions:

• Zimbra Daffodil 10.1.9

• Zimbra Daffodil 10.0.15

• 9.0.0 P46

Source: zimbra.com