Security Advisory

CVE-2020-9443

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-18 12:20:59

Last updated 2024-08-04 10:26:16

Assigner mitre

State PUBLISHED

Description

Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82.

← Browse all CVEs View on cve.org ↗