What is the severity of CVE-2025-27915?

CVE-2025-27915 has a CVSS v3 score of 5.4, which is classified as Medium severity.

Is there an exploit available for CVE-2025-27915?

Yes, there are known exploits available for CVE-2025-27915. Immediate patching is recommended.

Is there a patch available for CVE-2025-27915?

Yes, patches are available for CVE-2025-27915. Check the vendor advisories for update instructions.

CVE-2025-27915

Published: January 26, 2026

Last updated:11 hours ago (January 26, 2026)

Exploit: YesZero-day: YesPatch: YesTrend: Neutral

TL;DR

Updated January 26, 2026

CVE-2025-27915 is a medium severity vulnerability with a CVSS score of 5.4. Exploits are available; patches have been released and should be applied urgently. This is classified as a zero-day vulnerability.

Key Points

1Medium severity (CVSS 5.4/10)
2EPSS: 29.00% - high likelihood of exploitation
3Public exploits are available
4Vendor patches are available
5Strobes Priority Score: 520/1000 (Medium)
6Affects products from: Synacor

Severity Scores

CVSS v35.4

CVSS v20.0

Priority Score520.0

EPSS Score29.0

Medium

Exploitation LikelihoodHigh

29.00%EPSS

High probability of exploitation in the next 30 days

Prioritize patching within days

29.00%

EPSS

5.4

CVSS

Yes

Exploit

Yes

Patch

High Priority

high EPSS • exploit exists

EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.

Description

Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that exists in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an e-mail message containing a malicious ICS entry, its embedded JavaScript executes via an ontoggle event inside a tag. This allows an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions such as setting e-mail filters to redirect messages to an attacker-controlled address. As a result, an attacker can perform unauthorized actions on the victim's account, including e-mail redirection and data exfiltration.

CVSS v3 Breakdown

Attack Vector:Network

Attack Complexity:Local

Privileges Required:Local

User Interaction:Required

Scope:Changed

Confidentiality:Local

Integrity:Local

Availability:Network

Exploit References

Cisa.gov Nuclei Vendor Advisory

Patch References

Wiki.zimbra.com Wiki.zimbra.com Wiki.zimbra.com Zeroday CZ

Trend Analysis

Neutral

Vulnerable Products

Vendor	Product
Synacor	Zimbra Collaboration Suite

Advisories

CISA: Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that exists in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an e-mail message containing a malicious ICS entry, its embedded JavaScript executes via an ontoggle event inside a tag. This allows an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions such as setting e-mail filters to redirect messages to an attacker-controlled address. As a result, an attacker can perform unauthorized actions on the victim's account, including e-mail redirection and data exfiltration.

GitHub Advisory NVD

Cite This Page

APA Format

Strobes VI. (2026). CVE-2025-27915 - CVE Details and Analysis. Strobes VI. Retrieved January 26, 2026, from https://vi.strobes.co/cve/CVE-2025-27915

Quick copy link + title

Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.

Vendor

Product

Synacor

Zimbra Collaboration Suite