Fortinet Discovers Zimbra Collaboration Cross-Site Request Forgery Vulnerability
Fortinet's FortiGuard Labs has discovered a Cross-Site Request Forgery (CSRF) vulnerability in Zimbra Collaboration.
Fortinet reported the vulnerability to Zimbra on September 24, 2015.
Zimbra confirmed the vulnerability on April 12, 2016.
Zimbra patched the vulnerability on April 12, 2018.
This vulnerability was discovered by Zhouyuan Yang of Fortinet's FortiGuard Labs.