Zimbra webmail servers can be compromised with a single email
Vulnerabilities in the Zimbra corporate email client could allow an attacker to gain unrestricted access to an organization's sent and received email messages. SonarSource researchers said that exploiting the issues allows an unauthenticated attacker to compromise an organization's mail server and gain access to the emails of employees.
The first issue (CVE-2021-35208) is a cross-site scripting (XSS) vulnerability. It can be exploited when the victim views an incoming email that contains specially crafted JavaScript code.
Additionally, a server-side request forgery (SSRF) vulnerability (CVE-2021-35209) was discovered. An attacker could chain both vulnerabilities to steal user tokens and credentials.
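The XSS issue above is triggered simply by a recipient viewing a message, so the defensive question is what a webmail renderer lets through from an untrusted HTML body. The following is an added example, not code from the article, from SonarSource or from Zimbra: a small Python checker that flags active content (script-bearing elements, inline event handlers, javascript: URLs) in an HTML email body before it is rendered. The sample messages are constructed for illustration; the checker is a generic allowlist-style filter and does not reproduce the specific bypass behind CVE-2021-35208.

```python
from html.parser import HTMLParser
from typing import List

# Elements and attributes that carry active content; none of these have a
# legitimate place in an email body displayed inside a webmail session.
ACTIVE_TAGS = {"script", "iframe", "object", "embed"}
URL_ATTRS = {"href", "src", "action", "formaction"}
ACTIVE_SCHEMES = {"javascript", "vbscript"}


class ActiveContentFinder(HTMLParser):
    """Records every reason a fragment of HTML should not be rendered as-is."""

    def __init__(self) -> None:
        super().__init__()
        self.findings: List[str] = []

    def handle_starttag(self, tag, attrs):
        if tag in ACTIVE_TAGS:
            self.findings.append(f"<{tag}> element")
        for name, value in attrs:
            if name.startswith("on"):
                # Inline event handlers (onload, onerror, ...) run script on view.
                self.findings.append(f"{name} handler on <{tag}>")
            elif name in URL_ATTRS and value:
                # Strip whitespace and NULs that are commonly used to hide a scheme.
                compact = "".join(value.split()).replace("\x00", "").lower()
                scheme = compact.split(":", 1)[0] if ":" in compact else ""
                if scheme in ACTIVE_SCHEMES:
                    self.findings.append(f"{scheme}: URL in {name} on <{tag}>")


def find_active_content(html_body: str) -> List[str]:
    """Return the list of active-content findings for an HTML email body."""
    parser = ActiveContentFinder()
    parser.feed(html_body)
    parser.close()
    return parser.findings


def is_safe_to_render(html_body: str) -> bool:
    """True when the body contains none of the patterns checked above."""
    return not find_active_content(html_body)


# Constructed sample bodies (not real messages, not the CVE payload).
SAMPLE_BENIGN = (
    '<p>Hi team,</p><p>Minutes are attached. '
    '<a href="https://example.test/minutes">Agenda</a></p>'
)
SAMPLE_SUSPICIOUS = (
    '<p>Invoice</p><img src="x" onerror="alert(1)">'
    '<a href="JavaScript:void(0)">open</a>'
)

if __name__ == "__main__":
    for label, body in (("benign", SAMPLE_BENIGN), ("suspicious", SAMPLE_SUSPICIOUS)):
        verdict = "render" if is_safe_to_render(body) else find_active_content(body)
        print(label, "->", verdict)
```

A production sanitizer would go further (rewrite rather than reject, normalise entities before inspection, and treat unknown tags and attributes as unsafe by default); the point here is that any attribute beginning with `on` or any URL whose normalised scheme is a script scheme is enough to fail the message, regardless of how the payload is cased or padded.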
Both vulnerabilities were patched in late June with the release of Zimbra 9.0.0 P16 and 8.8.15 P23.
Source: securitylab.ru
28 July 2021