#VU14655 Cross-site scripting in Zulip Server
Vulnerability identifier: #VU14655
Vulnerability risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-79
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Zulip Server
Web applications /
Other software
Vendor: Zulip
Description
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error related to user uploads and the (default) LOCAL_UPLOADS_DIR storage backend. A remote attacker can create a specially specially crafted web page, trick the victim intop opening it and execute arbitrary HTML and script code in victim's browser.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Zulip Server: 1.7.0 - 1.7.1
External links
http://blog.zulip.org/2018/04/12/zulip-1-7-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
