CVE ID :CVE-2026-33372 Published : March 20, 2026, 2:16 p.m. | 1 hour, 56 minutes ago Description :An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A cross-site request forgery (CSRF) vulnerability exists in Zimbra Webmail due to improper validation of CSRF tokens. The application accepts CSRF tokens supplied within the request body instead of requiring them through the expected request header. An attacker can exploit this issue by tricking an authenticated user into submitting a crafted request. This may allow unauthorized actions to be performed on behalf of the victim. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...