Vulnerabilidades en Zulip
37 resultadosCVE-2021-43799HIGHRabbitMQ exposes ports with weak default secrets in Zulip ServerEPSS 5.4%CVE-2021-41115MEDIUMRegular expression denial-of-service in ZulipEPSS 1.7%CVE-2022-21706HIGHMulti-use invitations can grant access to other organizations in ZulipEPSS 1.3%CVE-2017-0896—Zulip Server 1.5.1 and below suffer from an error in the implementation of the invite_by_admins_only setting in the Zulip group chat applicaEPSS 1.3%CVE-2017-0910—In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realEPSS 1.1%CVE-2022-24751MEDIUMRace condition in ZulipEPSS 0.9%CVE-2021-3866MEDIUMCross-site Scripting (XSS) - Stored in zulip/zulipEPSS 0.9%CVE-2022-35962HIGHCrafted link in Zulip message can cause disclosure of credentialsEPSS 0.9%CVE-2021-3967MEDIUMImproper Access Control in zulip/zulipEPSS 0.8%CVE-2022-31134MEDIUMZulip Server public data export contains attachments that are non-publicEPSS 0.7%CVE-2021-43791MEDIUMIneffective expiration validation for invitation links in ZulipEPSS 0.6%CVE-2022-31168MEDIUMZulip Server insufficient authorization for changing bot rolesEPSS 0.6%CVE-2023-33186HIGHCross-site scripting vulnerability in Zulip Server development branch via topic tooltipEPSS 0.6%CVE-2023-32677LOWUsers who can send invitations can erroneously add users to streams during invitation in ZulipEPSS 0.6%CVE-2024-56136MEDIUM/api/v1/jwt/fetch_api_key endpoint can leak if an email address has an account in Zulip serverEPSS 0.5%CVE-2022-23656MEDIUMCross-site scripting vulnerability in Zulip ServerEPSS 0.5%CVE-2022-31017LOWExpression Always True vulnerability in Zulip ServerEPSS 0.5%CVE-2023-28623MEDIUMUnauthorized user can register an account in specific configurations in ZulipEPSS 0.5%CVE-2024-27286MEDIUMMoving single messages from public to private streams leaves them accessibleEPSS 0.5%CVE-2023-22735MEDIUMUser uploads proxied from S3 lack `Content-Security-Policy` headers, may be served with `Content-Disposition: inline` in zulipEPSS 0.5%