Zimbra webmail server has two flaws that could let an attacker paw through the inbox and outbox of all the employees in all the enterprises that use the immensely popular collaboration tool, researchers say. In a Tuesday writeup, SonarSource called it a “drastic” situation, given Zimbra’s popularity and the highly sensitive nature of the scads of messages that it handles.

Read full article on Threat Post