CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14194
https://notcve.org/view.php?id=CVE-2020-14194
21 Aug 2020 — Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link. Zulip Server versiones anteriores a 2.1.5, permite tabnapping inverso por medio de un enlace de encabezado de tema. • https://blog.zulip.com/2020/06/17/zulip-server-2-1-5-security-release • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14215
https://notcve.org/view.php?id=CVE-2020-14215
21 Aug 2020 — Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as adds the administrator role to invitations. Zulip Server versiones anteriores a 2.1.5, presenta un Control de Acceso Incorrecto porque la función 0198_preregistrationuser_invited_as agrega el papel de administrador a las invitaciones. • https://blog.zulip.com/2020/06/17/zulip-server-2-1-5-security-release • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15070
https://notcve.org/view.php?id=CVE-2020-15070
21 Aug 2020 — Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value. Zulip Server versiones 2.x anteriores a 2.1.7, permite una inyección eval si un atacante privilegiado era capaz de escribir directamente en la base de datos de postgres y eligió escribir un valor diseñado del campo de perfil personalizado. • https://blog.zulip.com/2020/06/26/zulip-server-2-1-7-security-release • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9445
https://notcve.org/view.php?id=CVE-2020-9445
20 Apr 2020 — Zulip Server before 2.1.3 allows XSS via the modal_link feature in the Markdown functionality. El servidor Zulip versiones anteriores a 2.1.3, permite un ataque de tipo XSS por medio de la característica modal_link en la funcionalidad Markdown. • https://blog.zulip.org/2020/04/01/zulip-server-2-1-3-security-release • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9444
https://notcve.org/view.php?id=CVE-2020-9444
20 Apr 2020 — Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality. El servidor Zulip versiones anteriores a 2.1.3, permite un tabnabbing inverso por medio de la funcionalidad Markdown. • https://blog.zulip.org/2020/04/01/zulip-server-2-1-3-security-release • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-10935
https://notcve.org/view.php?id=CVE-2020-10935
20 Apr 2020 — Zulip Server before 2.1.3 allows XSS via a Markdown link, with resultant account takeover. El servidor Zulip versiones anteriores a la versión 2.1.3, permite un ataque de tipo XSS por medio de un enlace Markdown, con una toma de control de cuenta resultante. • https://blog.zulip.org/2020/04/01/zulip-server-2-1-3-security-release • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19775
https://notcve.org/view.php?id=CVE-2019-19775
18 Dec 2019 — The image thumbnailing handler in Zulip Server versions 1.9.0 to before 2.0.8 allowed an open redirect that was visible to logged-in users. El controlador del proceso de imágenes miniaturas en el servidor Zulip versiones 1.9.0 anteriores a la versión 2.0.8, permitió un redireccionamiento abierto que era visible para usuarios registrados. • https://blog.zulip.org/2019/12/13/zulip-server-2-0-8-security-release • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18933
https://notcve.org/view.php?id=CVE-2019-18933
21 Nov 2019 — In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication (e.g., GitHub or Google SSO) in an organization that also allows password authentication could have their personal API key stolen by an unprivileged attacker, allowing nearly full access to the user's account. En Zulip Server versiones 1.7.0 anteriores a 2.0.7, un error en el proceso nuevo registro de usuarios, significaba que usuarios que regist... • https://blog.zulip.org/2019/11/21/zulip-2-0-7-security-release •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16216
https://notcve.org/view.php?id=CVE-2019-16216
18 Sep 2019 — Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files. A user who is logged into the server could upload files of certain types to mount a stored cross-site scripting attack on other logged-in users. On a Zulip server using the default local uploads backend, the attack is only effective against browsers lacking support for Content-Security-Policy such as Internet Explorer 11. On a Zulip server using the S3 uploads backend, the attack is confined to the origin of the configured S3... • https://blog.zulip.org/2019/09/11/zulip-server-2-0-5-security-release • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16215
https://notcve.org/view.php?id=CVE-2019-16215
18 Sep 2019 — The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages. El analizador Markdown en el servidor Zulip versiones anteriores a 2.0.5, usó una expresión regular vulnerable al backtracking exponencial. Un usuario que haya iniciado sesión en el servidor podría enviar un mensaj... • https://blog.zulip.org/2019/09/11/zulip-server-2-0-5-security-release • CWE-1333: Inefficient Regular Expression Complexity •