Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zulip_desktop
(Zulipchat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-03-18 | CVE-2020-9443 | Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82. | Zulip_desktop | 6.1 | ||
| 2020-09-10 | CVE-2020-24582 | Zulip Desktop before 5.4.3 allows XSS because string escaping is mishandled during composition of the HTML for the user interface. | Zulip_desktop | 6.1 | ||
| 2020-05-09 | CVE-2020-12637 | Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option. | Zulip_desktop | N/A |