Patch Release Update: Zimbra 10.1.19

Patch Security Severity: High 

Deployment Risk: Low


We have released Zimbra 10.1.19 to address a critical security vulnerability which impacts the Classic Web Client:

We strongly recommend upgrading to this version to keep your environment secure.


Any customer using the Classic Web Client should upgrade to ZCS v10.1.19 as soon as possible, as this issue only impacts the users of Classic Web Client. 

The update fixes a security issue in the Classic Web Client where a specially crafted email could run malicious code when the email is opened. If exploited, it could allow access to mailbox information, session data, or account settings.

We strongly recommend all customers to upgrade to ZCS v10.1.19 to ensure they have received the latest security patches, bug fixes, and enhancements.


If you require assistance applying these mitigations or have concerns regarding potential exposure, please raise a support ticket here.

No comments yet.

Leave a Reply

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures