Lucene search

CVE-2023-22735

🗓️ 07 Feb 2023 19:09:15Reported by [email protected]Type

Insecure file upload vulnerability in Zulip pre-commit `2f6c5a8

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Vulnrichment	CVE-2023-22735 User uploads proxied from S3 lack `Content-Security-Policy` headers, may be served with `Content-Disposition: inline` in zulip	7 Feb 202318:48	–	vulnrichment
OSV	CVE-2023-22735	7 Feb 202319:15	–	osv
Prion	Design/Logic Flaw	7 Feb 202319:15	–	prion
Cvelist	CVE-2023-22735 User uploads proxied from S3 lack `Content-Security-Policy` headers, may be served with `Content-Disposition: inline` in zulip	7 Feb 202318:48	–	cvelist
CVE	CVE-2023-22735	7 Feb 202319:15	–	cve

Nvd

Node

zulip zulip_serverMatch2023-01-09

Source	Link
github	www.github.com/zulip/zulip/commit/2f6c5a883e106aa82a570d3d1f243993284b70f3
github	www.github.com/zulip/zulip/commit/04cf68b45ebb5c03247a0d6453e35ffc175d55da
github	www.github.com/zulip/zulip/security/advisories/GHSA-wm83-3764-5wqh
zulip	www.zulip.readthedocs.io/en/latest/production/upgrade-or-modify.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

07 Feb 2023 19:15Current

4.8Medium risk

Vulners AI Score4.8

CVSS34.6

EPSS0.00241

CWE-436