Zimbra not affected by log4j (CVE-2021-44228)
After intensive review and testing, Zimbra Development determined that the 0-day exploit vulnerability for log4j (CVE-2021-44228) does not affect the current Supported Zimbra versions (9.0.0 & 8.8.15). Zimbra Collaboration Server currently uses log4j1 version 1.2.16 which doesn't contain the lookup expression feature that is found within versions 2.0 to 2.17, which is the cause of the vulnerability. Also, Redhat (CVE-2021-4104) vulnerability does not affect the Zimbra Collaboration Server version (8.8.15 & 9.0.0). For this vulnerability to affect the server, it needs JMSAppender, which the ZCS Server does not use, and the ability to append configuration files.

CSS Code in Replies and New Emails

Take your Zimbra with you!
enduser2021
Posts: 4
Joined: Wed Jul 14, 2021 2:27 pm

CSS Code in Replies and New Emails

Postby enduser2021 » Thu Jan 06, 2022 3:49 pm

Anyone familiar as to why this shows up in the text field when composing or replying to emails in webmail on mobile devices?

Code: Select all

/<![CDATA[/p.MsoNormal, li.MsoNormal, div.MsoNormal

{                 margin: 0.0in;                 font-size: 11.0pt;                 font-family: Calibri , sans-serif; }
a:link, span.MsoHyperlink

{                 color: blue;                 text-decoration: underline; }
a:visited, span.MsoHyperlinkFollowed

{                 color: purple;                 text-decoration: underline; }
*.MsoChpDefault

{                 font-size: 11.0pt; }
div.WordSection1

{                 page: WordSection1; }
/]]>/
Attachments
IMG_4616.jpg
IMG_4616.jpg (296.1 KiB) Viewed 946 times


Return to “Mobility”

Who is online

Users browsing this forum: No registered users and 12 guests