CVE-2025-27914 | Zimbra Collaboration Suite 9.0/10.0/10.1 URL /h/rest Query cross site scripting (EUVD-2025-7822)
A vulnerability, which was classified as problematic, has been found in Zimbra Collaboration Suite 9.0/10.0/10.1. Affected by this issue is some unknown functionality of the file /h/rest of the component URL Handler. The manipulation of the argument Query leads to cross site scripting.
This vulnerability is handled as CVE-2025-27914. The attack may be launched remotely. There is no exploit available.