A confirmed, actively exploited cross-site scripting vulnerability in Synacor Zimbra Collaboration Suite (ZCS) allows attackers to execute malicious code inside authenticated user sessions. CISA has added this to its Known Exploited Vulnerabilities catalog, confirming real-world exploitation. Organizations running Zimbra as their enterprise mail platform face immediate risk of session hijacking and unauthorized mailbox access via stolen or hijacked web sessions.