CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA)expandedits Known Exploited Vulnerabilities Catalog to include a recently disclosed zero-day flaw in the Zimbra email platform citing evidence of active exploitation in the wild. Tracked asCVE-2022-24682(CVSS score: 6.1), the issue concerns a cross-site scripting (XSS) vulnerability in the Calendar feature in Zimbra