Recently Zimbra Collaboration 8.6 Patch 5 was released. It fixed two Cross-Site Scripting vulnerabilities discovered by Fortinet's FortiGuard Labs. More details can be found at https://community.zimbra.com/collaboration/f/1884/t/1140919 http://www.fortiguard.com/advisory/fortinet-discovers-zimbra-collaboration-email-body-open-source-edition-cross-site-scripting-vulnerability http://www.fortiguard.com/advisory/fortinet-discovers-zimbra-collaboration-open-source-edition-cross-site-scripting-vulnerability
