Fortinet Discovers Zimbra Collaboration Cross-Site Request Forgery Vulnerability
Fortinet's FortiGuard Labs has discovered a Cross-Site Request Forgery (CSRF) vulnerability in Zimbra Collaboration.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Oct 09, 2015
Fortinet reported the vulnerability to Zimbra on September 24, 2015.
Zimbra confirmed the vulnerability on April 12, 2016.
Zimbra patched the vulnerability on April 12, 2018.
This vulnerability was discovered by Zhouyuan Yang of Fortinet's FortiGuard Labs.