CVE-2025-27915

MEDIUM CISA KEV

CVSS v3

5.4

MEDIUM

EPSS Score

—

exploit probability

CISA KEV

Yes

known exploited

Exploitation

—

SSVC status

Description

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an e-mail message containing a malicious ICS entry, its embedded JavaScript executes via an ontoggle event inside a <details> tag. This allows an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions suc

CISA Known Exploited Vulnerability

Date Added: 10/7/2025
Patch Due Date: 10/28/2025
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Technical Details

CVSS v3 Vector: 3.1
Published: 3/12/2025
Last Modified: 11/4/2025

Frequently Asked Questions

What is CVE-2025-27915?

Is CVE-2025-27915 actively exploited?

Yes. CVE-2025-27915 is on the CISA Known Exploited Vulnerabilities (KEV) catalog, meaning it has been confirmed as actively exploited in the wild. CISA requires federal agencies to patch by 10/28/2025.

What is the CVSS score for CVE-2025-27915?

CVE-2025-27915 has a CVSS v3 base score of 5.4 (MEDIUM severity), with vector string 3.1.

Is CVE-2025-27915 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.

Check an IP Search CVEs

Back to CVE Database