📦 Zulip

by Zulip

⚠️ Known Vulnerabilities

CVE-2016-4427

HIGH CVSS 7.5 Jul 28, 2022

This vulnerability in Zulip allows deactivated users to access messages when Single Sign-On (SSO) is enabled. It affects Zulip servers running versions before 1.3.12 with SSO configured. This creates ...

CVE-2021-3967

HIGH CVSS 8.8 Feb 26, 2022

This vulnerability in Zulip allows attackers to bypass access controls and potentially access sensitive data or perform unauthorized actions. It affects all Zulip servers running version...

CVE-2021-43799

HIGH CVSS 8.6 Jan 25, 2022

This vulnerability in Zulip Server allows remote attackers to brute-force RabbitMQ's weak authentication cookie (only ~20 bits of entropy) to gain code execution as the rabbitmq user and read all mess...

CVE-2024-36624

MEDIUM CVSS 5.4 Nov 29, 2024

Zulip 8.3 contains a cross-site scripting vulnerability in the copy_and_paste.js file that allows attackers to inject malicious scripts into web pages. This affects all users of Zulip 8.3 who view con...