Zimbra webmail client has a vulnerability that allow Javascript code to be injected into pages running in authenticated contexts that affect the 8.8.x, 9.0.x and/or 10.0.x release trains.
The Stormhield Network Security (SNS) appliance natively protects you from that attack, using the default HTTP inspection from the IPS engine
| ID | Name |
| http:url:decoded.58 | XSS – Prevention – GET ‘script’ tag found in XML |