Vulnerabilities > Zulipchat

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-10	CVE-2020-24582	Cross-site Scripting vulnerability in Zulipchat Zulip Desktop Zulip Desktop before 5.4.3 allows XSS because string escaping is mishandled during composition of the HTML for the user interface. network low complexity zulipchat CWE-79	6.1
2020-05-09	CVE-2020-12637	Improper Certificate Validation vulnerability in Zulipchat Zulip Desktop Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option. network low complexity zulipchat CWE-295 critical	9.8
2020-03-18	CVE-2020-9443	Cross-site Scripting vulnerability in Zulipchat Zulip Desktop Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. network low complexity zulipchat CWE-79	6.1

Vulnerabilities > Zulipchat {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zulipchat"}]}