Vulnerabilities > CVE-2021-3866 - Unspecified vulnerability in Zulip
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6.
Vulnerable Configurations
References
- https://blog.zulip.com/2022/01/19/cve-2021-3866/
- https://blog.zulip.com/2022/01/19/cve-2021-3866/
- https://github.com/zulip/zulip/commit/3eb2791c3e9695f7d37ffe84e0c2184fae665cb6
- https://github.com/zulip/zulip/commit/3eb2791c3e9695f7d37ffe84e0c2184fae665cb6
- https://huntr.dev/bounties/5f48dac5-e112-4b23-bbbf-cc00ba83bcf2
- https://huntr.dev/bounties/5f48dac5-e112-4b23-bbbf-cc00ba83bcf2