2 matches found
CVE-2018-9990
In Zulip Server versions before 1.7.2, there was an XSS issue with stream names in topic typeahead...
CVE-2018-9990
CVE-2018-9990 affects Zulip Server prior to 1.7.2, where an XSS flaw exists in stream names used by the topic typeahead. Affected product is Zulip Server; root cause is an XSS in the UI typeahead for stream names (no exploit details provided in the documents). The issue is mitigated by updating t...