Vulnerability Details CVE-2020-10857
Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 85.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2020-10857
-
cpe:2.3:a:zulip:zulip_desktop:*