Zulipchat: >> Zulip Desktop >> 5.0.0 Security Vulnerabilities
Zulip Desktop before 5.4.3 allows XSS because string escaping is mishandled during composition of the HTML for the user interface.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-09-10
Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.
CVSS Score
9.8
EPSS Score
0.002
Published
2020-05-09