Zimbra zero-day vulnerability actively exploited to steal emails

Alert Security Vulnerability
A cross-site scripting (XSS) vulnerability in the Zimbra email platform is currently actively exploited in attacks targeting European media and government organizations. […]