Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:16 a.m.5 views

CVE-2024-36625

Zulip 8.3 is vulnerable to Cross Site Scripting XSS via the replaceemojiwithtext function in uiutil.ts...

5.4CVSS6AI score0.00378EPSS
Exploits0References1
NVD
NVD
added 2024/11/29 6:15 p.m.27 views

CVE-2024-36624

Zulip 8.3 is vulnerable to Cross Site Scripting XSS via the constructcopydiv function in copyandpaste.js...

5.4CVSS0.00378EPSS
Exploits0References3
NVD
NVD
added 2024/11/29 5:15 p.m.23 views

CVE-2024-36625

Zulip 8.3 is vulnerable to Cross Site Scripting XSS via the replaceemojiwithtext function in uiutil.ts...

5.4CVSS0.00378EPSS
Exploits0References3
OSV
OSV
added 2024/11/29 12:0 a.m.8 views

CVE-2024-36624

Zulip 8.3 is vulnerable to Cross Site Scripting XSS via the constructcopydiv function in copyandpaste.js...

5.4CVSS6AI score0.00378EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/11/29 12:0 a.m.10 views

CVE-2024-36624

Zulip 8.3 is vulnerable to Cross Site Scripting XSS via the constructcopydiv function in copyandpaste.js...

6AI score0.00378EPSS
Exploits0References3
CVE
CVE
added 2024/11/29 12:0 a.m.50 views

CVE-2024-36624

CVE-2024-36624 affects Zulip 8.3 and is caused by the construct_copy_div function in copy_and_paste.js, enabling Cross-Site Scripting (XSS). The vulnerability is confirmed across multiple feeds (NVD, OSV, CVE list) with the same description. Practical impact is XSS via copying/pasting content thr...

5.4CVSS5.8AI score0.00378EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/29 12:0 a.m.12 views

CVE-2024-36625

Zulip 8.3 is vulnerable to Cross Site Scripting XSS via the replaceemojiwithtext function in uiutil.ts...

6AI score0.00378EPSS
Exploits0References3
CVE
CVE
added 2024/11/29 12:0 a.m.62 views

CVE-2024-36625

Zulip 8.3 is vulnerable to Cross-Site Scripting (XSS) through the replace_emoji_with_text function in ui_util.ts. The Red Hat, NVD, OSV, CIRCL, CNNVD, CVE.org, and PT Security entries consistently describe this XSS vector involving the emoji replacement logic, but do not provide a tested exploit ...

5.4CVSS5.8AI score0.00378EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/11/29 12:0 a.m.17 views

CVE-2024-36624

Zulip 8.3 is vulnerable to Cross Site Scripting XSS via the constructcopydiv function in copyandpaste.js...

0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/29 12:0 a.m.26 views

CVE-2024-36625

Zulip 8.3 is vulnerable to Cross Site Scripting XSS via the replaceemojiwithtext function in uiutil.ts...

0.00378EPSS
Exploits0References3
Rows per page
Query Builder