Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Crafted link in Zulip message can cause disclosure of credentials
Vulnerability Description
Zulip is an open source team chat and Zulip Mobile is an app for iOS and Andriod users. In Zulip Mobile through version 27.189, a crafted link in a message sent by an authenticated user could lead to credential disclosure if a user follows the link. A patch was released in version 27.190.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
不完整的黑名单
Vulnerability Title
Zulip 安全漏洞
Vulnerability Description
Zulip是Zulip团队的一款功能强大的开源群聊应用程序。用于将实时聊天的即时性与线程对话的生产力优势相结合。 Zulip 27.189之前版本存在安全漏洞,该漏洞源于攻击者精心制作的链接可能会导致用户凭据泄露。
CVSS Information
N/A
Vulnerability Type
N/A