Zulip: Security Vulnerabilities
In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.
CVSS Score
2.7
EPSS Score
0.002
Published
2021-04-15
Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution.
CVSS Score
9.8
EPSS Score
0.026
Published
2021-02-05
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-02-05
Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-08-21
Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-08-21
Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as adds the administrator role to invitations.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-08-21
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-08-21
Zulip Server before 2.1.3 allows XSS via a Markdown link, with resultant account takeover.
CVSS Score
5.4
EPSS Score
0.003
Published
2020-04-20
Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-04-20
Zulip Server before 2.1.3 allows XSS via the modal_link feature in the Markdown functionality.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-04-20