📦 Zulip Server
by Zulip
🔍 What is Zulip Server?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
Zulip versions 8.0 through 8.3 contain a memory leak vulnerability in popover handling that allows attackers to gradually exhaust server memory through repeated triggering. This affects all Zulip serv...
This cross-site scripting (XSS) vulnerability in Zulip Server allows attackers to inject malicious JavaScript into topic tooltips. When a victim hovers over a specially crafted topic in their message ...
This vulnerability in Zulip Server allows multi-use invitations created in one organization to be used to join any other organization on the same deployment. This bypasses email domain restrictions, g...
This stored cross-site scripting (XSS) vulnerability in Zulip allows attackers to inject malicious scripts into group or channel names. When administrators perform user profile actions, these scripts ...
CVE-2024-56136 is an information disclosure vulnerability in Zulip Server that allows unauthenticated attackers to determine if specific email addresses are registered on multi-organization instances....