2 matches found
CVE-2026-26058 Zulip: Path Traversal in Import
Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, ./manage.py import reads arbitrary files from the server filesystem via path traversal in uploads/records.json. A crafted export tarball causes the server to copy any file the zulip user can read into the...
Zulip 路径遍历漏洞
Zulip is a powerful open-source chat application developed by the US company Zulip. It combines the immediacy of real-time conversations with the productivity benefits of threaded dialogue. Versions of Zulip from 1.4.0 to 11.6 contained a path traversal vulnerability, which was caused by a flaw i...