Описание
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| zulip-server | itp | package |
EPSS
Процентиль: 71%
0.00656
Низкий
Связанные уязвимости
CVSS3: 8.8
nvd
больше 5 лет назад
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.
github
больше 3 лет назад
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.
EPSS
Процентиль: 71%
0.00656
Низкий