cvedb.io
CVE-2025-25065
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2025-02-03T20:15:37.370 · Last modified 2026-06-17T09:00:14.073

Summary

SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.

Affected products

synacor — zimbra_collaboration_suite

Does this affect you?

Add your gear to cvedb and we'll alert you only when synacor ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.