Security News Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions TheHackerNews Daniel Bender 11 Jul 2026 Share Zimbra fixes a critical stored XSS flaw in its Classic Web Client that could let crafted emails run malicious scripts when opened. Update to 10.1.19.