Vulnerabilities > Zulip > Zulip Server > 2.1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-21 | CVE-2020-14194 | Improper Input Validation vulnerability in Zulip Server Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link. | 5.8 |
2020-08-21 | CVE-2020-12759 | Cross-site Scripting vulnerability in Zulip Server Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook. | 4.3 |