4 matches found
CVE-2020-12759
Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook...
CVE-2020-12759
Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook...
CVE-2020-12759
CVE-2020-12759 affects Zulip Server prior to 2.1.5, with a reflected XSS vulnerability via the Dropbox webhook. Public records across NVD/Red Hat OSV/CVE entries confirm the issue in Zulip Server before 2.1.5 and indicate the root cause as unsafe handling of the webhook payload leading to cross-s...
CVE-2020-12759
Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook...