Unrated severityNVD Advisory· Published Aug 21, 2020· Updated Aug 4, 2024
CVE-2020-15070
CVE-2020-15070
Description
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Zulip/Zulip Serverdescription
- Range: <2.1.7
Patches
Vulnerability mechanics
References
1- blog.zulip.com/2020/06/26/zulip-server-2-1-7-security-release/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.