Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zulip zulip vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-9445
Zulip Server prior to 2.1.3 allows XSS via the modal_link feature in the Markdown functionality.
Zulip Zulip Server
5.8
CVSSv2
CVE-2020-9444
Zulip Server prior to 2.1.3 allows reverse tabnabbing via the Markdown functionality.
Zulip Zulip Server
5.8
CVSSv2
CVE-2019-19775
The image thumbnailing handler in Zulip Server versions 1.9.0 to prior to 2.0.8 allowed an open redirect that was visible to logged-in users.
Zulip Zulip Server
2 Github repositories
NA
CVE-2023-47642
Zulip is an open-source team collaboration tool. It exists by the Zulip development team that active users who had previously been subscribed to a stream incorrectly continued being able to use the Zulip API to access metadata for that stream. As a result, users who had been remo...
Zulip Zulip Server
7.5
CVSSv2
CVE-2020-10857
Zulip Desktop prior to 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution.
Zulip Zulip Desktop
5
CVSSv2
CVE-2020-10858
Zulip Desktop prior to 5.0.0 allows malicious users to perform recording via the webcam and microphone due to a missing permission request handler.
Zulip Zulip Desktop
3.5
CVSSv2
CVE-2020-10935
Zulip Server prior to 2.1.3 allows XSS via a Markdown link, with resultant account takeover.
Zulip Zulip Server
4
CVSSv2
CVE-2017-0910
In Zulip Server prior to 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server create a user account on any other realm.
Zulip Zulip Server
4.3
CVSSv2
CVE-2018-9986
In Zulip Server versions prior to 1.7.2, there were XSS issues with the frontend markdown processor.
Zulip Zulip Server
4.3
CVSSv2
CVE-2018-9987
In Zulip Server versions 1.5.x, 1.6.x, and 1.7.x prior to 1.7.2, there was an XSS issue with muting notifications.
Zulip Zulip Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »