Описание
Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82.
Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82.
EPSS
Процентиль: 58%
0.00359
Низкий
CVE ID
Связанные уязвимости
CVSS3: 6.1
nvd
почти 6 лет назад
Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82.
EPSS
Процентиль: 58%
0.00359
Низкий