CVE-2020-9443

Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82.
Configurations

Configuration 1

cpe:2.3:a:zulipchat:zulip_desktop:*:*:*:*:*:*:*:*

Information

Published : 2020-03-18 01:15

Updated : 2020-03-20 04:04


NVD link : CVE-2020-9443

Mitre link : CVE-2020-9443

Products Affected
No products.
CWE