3 matches found
EUVD-2026-18838
Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, ./manage.py import reads arbitrary files from the server filesystem via path traversal in uploads/records.json. A crafted export tarball causes the server to copy any file the zulip user can read into the...
CVE-2024-36612
Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the handling of popovers...
Zulip 跨站脚本漏洞
Zulip is a powerful open source group chat application from Zulip, Inc. for combining the immediacy of real-time chat with the productivity benefits of threaded conversations. A security vulnerability exists in Zulip version 7.0-beta1, 7.0-beta2, which stems from a problem with the tooltip of the...