CVE-2019-19775
The image thumbnailing handler in Zulip Server versions 1.9.0 to before 2.0.8 allowed an open redirect that was visible to logged-in users.
CVE-2020-12759
Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook.
CVE-2017-0896
Zulip Server 1.5.1 and below suffer from an error in the implementation of the invite_by_admins_only setting in the Zulip group chat application server that allowed an authenticated user to invite other users to join a Zulip organization even if the organization was configured to prevent this.
CVE-2018-9986
In Zulip Server versions before 1.7.2, there were XSS issues with the frontend markdown processor.
CVE-2023-32678
Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that they ...
CVE-2018-9987
In Zulip Server versions 1.5.x, 1.6.x, and 1.7.x before 1.7.2, there was an XSS issue with muting notifications.
CVE-2019-16215
The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.
CVE-2020-9444
Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality.
CVE-2018-9990
In Zulip Server versions before 1.7.2, there was an XSS issue with stream names in topic typeahead.
CVE-2020-9445
Zulip Server before 2.1.3 allows XSS via the modal_link feature in the Markdown functionality.