Zimbra fixes a critical stored XSS flaw in its Classic Web Client that could let crafted emails run malicious scripts when ...