Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, ./manage.py import reads arbitrary files from the server filesystem via path traversal in uploads/records.json. A crafted export tarball causes the server to copy any file the zulip user can read into the uploads directory during import. This issue has been patched in version 11.6.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:NZulip
APPZulip1.4.0 – 11.5
Related vulnerabilities
Zulip is an open source team chat and Zulip Mobile is an app for iOS and Andriod users. In Zulip Mobile throug...
In zulip before 1.3.12, deactivated users could access messages if SSO was enabled.
Improper Access Control in GitHub repository zulip/zulip prior to 4.10.
Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. ...
Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collabora...