vulnerability

Zimbra Collaboration: CVE-2025-32354: Collaboration: Cross-Site Request Forgery (CSRF)

Try Surface Command
Back to search
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Apr 29, 2025
Added
Apr 29, 2025
Modified
Feb 6, 2026

Description

CSRF vulnerability on GraphQL endpoints allowing unauthorized operations has been addressed by enforcing CSRF token validation.

Solution

zimbra-collaboration-upgrade-latest

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today