Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files.
Zimbra 0-day used to target international government organizations
Zimbra Vulnerability Exploited to Gain Access to Email Mailboxes
Understanding the Zimbra XSS Vulnerability
What We Know About the Zero-Day Vulnerability Affecting Zimbra
Cyble - Zimbra Email Vulnerability (CVE-2022-37042) Weaponized To
News Malwarebytes Blog
Microsoft's July 2023 Patch Tuesday Addresses 130 CVEs (CVE-2023
Google Researchers Discover In-the-Wild Exploitation of Zimbra
Zimbra issues awaited patch for actively exploited vulnerability
Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)
Zimbra Collaboration Suite vulnerability CVE-2022-41352