Over 10,000 Zimbra Collaboration Suite Servers Vulnerable to Active XSS Exploitation

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw. The vulnerability is actively being exploited, though specific technical details such as the CVE ID or exact attack timeline are not provided. The affected systems are Zimbra email servers accessible via the internet, with no geographic or organizational restrictions mentioned. The impact involves potential unauthorized access or manipulation of user sessions due to the XSS flaw. No patch or mitigation steps are explicitly stated in the reported content.