The following table lists the changes that have been made to the
CVE-2024-45515 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.
Jul. 30, 2025
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Description | An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability exists in Zimbra webmail due to insufficient validation of the content type metadata when importing files into the briefcase. Attackers can exploit this issue by crafting a file with manipulated metadata, allowing them to bypass content type checks and execute arbitrary JavaScript within the victim’s session. | |
| Added | Reference | https://wiki.zimbra.com/wiki/Security_Center | |
| Added | Reference | https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes | |
| Added | Reference | https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy | |
| Added | Reference | https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories |
CVE ID : CVE-2025-10304 Published : Dec. 3, 2025, 3:27 a.m. | 26 minutes ago Description : The Everest Backup –
CVE ID : CVE-2025-12585 Published : Dec. 3, 2025, 3:27 a.m. | 26 minutes ago Description : The MxChat – AI
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
