Zulipchat - Zulip Desktop CVE

Filtered by vendor Zulipchat Subscribe

Filtered by product Zulip Desktop

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-24582	1 Zulipchat	1 Zulip Desktop	2020-09-11	4.3 MEDIUM	6.1 MEDIUM
Zulip Desktop before 5.4.3 allows XSS because string escaping is mishandled during composition of the HTML for the user interface.
CVE-2020-9443	1 Zulipchat	1 Zulip Desktop	2020-03-20	4.3 MEDIUM	6.1 MEDIUM
Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82.

Vulnerabilities (CVE)