Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zulip zulip vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2021-3967
Improper Access Control in GitHub repository zulip/zulip before 4.10.
Zulip Zulip
NA
CVE-2022-35962
Zulip is an open source team chat and Zulip Mobile is an app for iOS and Andriod users. In Zulip Mobile through version 27.189, a crafted link in a message sent by an authenticated user could lead to credential disclosure if a user follows the link. A patch was released in versio...
Zulip Zulip
NA
CVE-2023-32677
Zulip is an open-source team collaboration tool with unique topic-based threading. Zulip administrators can configure Zulip to limit who can add users to streams, and separately to limit who can invite users to the organization. In Zulip Server 6.1 and below, the UI which allows ...
Zulip Zulip
NA
CVE-2016-4426
In zulip prior to 1.3.12, bot API keys were accessible to other users in the same realm.
Zulip Zulip
NA
CVE-2016-4427
In zulip prior to 1.3.12, deactivated users could access messages if SSO was enabled.
Zulip Zulip
312
VMScore
CVE-2022-23656
Zulip is an open source team chat app. The `main` development branch of Zulip Server from June 2021 and later is vulnerable to a cross-site scripting vulnerability on the recent topics page. An attacker could maliciously craft a full name for their account and send messages to a ...
Zulip Zulip Server
383
VMScore
CVE-2018-9990
In Zulip Server versions prior to 1.7.2, there was an XSS issue with stream names in topic typeahead.
Zulip Zulip Server
312
VMScore
CVE-2018-9999
In Zulip Server versions prior to 1.7.2, there was an XSS issue with user uploads and the (default) LOCAL_UPLOADS_DIR storage backend.
Zulip Zulip Server
1 Github repository
668
VMScore
CVE-2020-10857
Zulip Desktop prior to 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution.
Zulip Zulip Desktop
312
VMScore
CVE-2020-10935
Zulip Server prior to 2.1.3 allows XSS via a Markdown link, with resultant account takeover.
Zulip Zulip Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »