Vulnerability-Lookup

CVE-2026-24050 (GCVE-0-2026-24050)

Vulnerability from cvelistv5 – Published: 2026-02-06 18:20 – Updated: 2026-02-09 15:28

Title

Zulip affected by Stored XSS in user profile modal

Summary

Zulip is an open-source team collaboration tool. From 5.0 to before 11.5, some administrative actions on the user profile were susceptible to stored XSS in group names or channel names. Exploiting these vulnerabilities required the user explicitly interacting with the problematic object. This vulnerability is fixed in 11.5.

Severity ?

1.1 (Low)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/zulip/zulip/security/advisorie…	x_refsource_CONFIRM
	https://github.com/zulip/zulip/commit/e6093d9e478…	x_refsource_MISC
	https://github.com/zulip/zulip/releases/tag/11.5	x_refsource_MISC
	https://zulip.readthedocs.io/en/latest/overview/c…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	zulip	zulip	Affected: >= 5.0, < 11.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24050",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-09T15:19:33.800742Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-09T15:28:55.237Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "zulip",
          "vendor": "zulip",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 5.0, \u003c 11.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Zulip is an open-source team collaboration tool. From 5.0 to before 11.5, some administrative actions on the user profile were susceptible to stored XSS in group names or channel names. Exploiting these vulnerabilities required the user explicitly interacting with the problematic object. This vulnerability is fixed in 11.5."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 1.1,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-06T18:20:33.160Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/zulip/zulip/security/advisories/GHSA-56qv-8823-6fq9",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/zulip/zulip/security/advisories/GHSA-56qv-8823-6fq9"
        },
        {
          "name": "https://github.com/zulip/zulip/commit/e6093d9e4788f4d82236d856c5ed7b16767886a7",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/zulip/zulip/commit/e6093d9e4788f4d82236d856c5ed7b16767886a7"
        },
        {
          "name": "https://github.com/zulip/zulip/releases/tag/11.5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/zulip/zulip/releases/tag/11.5"
        },
        {
          "name": "https://zulip.readthedocs.io/en/latest/overview/changelog.html#zulip-server-11-5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://zulip.readthedocs.io/en/latest/overview/changelog.html#zulip-server-11-5"
        }
      ],
      "source": {
        "advisory": "GHSA-56qv-8823-6fq9",
        "discovery": "UNKNOWN"
      },
      "title": "Zulip affected by Stored XSS in user profile modal"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-24050",
    "datePublished": "2026-02-06T18:20:33.160Z",
    "dateReserved": "2026-01-20T22:30:11.778Z",
    "dateUpdated": "2026-02-09T15:28:55.237Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-24050\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-02-06T19:16:08.640\",\"lastModified\":\"2026-02-06T21:57:22.450\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Zulip is an open-source team collaboration tool. From 5.0 to before 11.5, some administrative actions on the user profile were susceptible to stored XSS in group names or channel names. Exploiting these vulnerabilities required the user explicitly interacting with the problematic object. This vulnerability is fixed in 11.5.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":1.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"UNREPORTED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://github.com/zulip/zulip/commit/e6093d9e4788f4d82236d856c5ed7b16767886a7\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/zulip/zulip/releases/tag/11.5\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/zulip/zulip/security/advisories/GHSA-56qv-8823-6fq9\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://zulip.readthedocs.io/en/latest/overview/changelog.html#zulip-server-11-5\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-24050\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-09T15:19:33.800742Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-09T15:19:34.625Z\"}}], \"cna\": {\"title\": \"Zulip affected by Stored XSS in user profile modal\", \"source\": {\"advisory\": \"GHSA-56qv-8823-6fq9\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 1.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U\", \"userInteraction\": \"PASSIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"zulip\", \"product\": \"zulip\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 5.0, \u003c 11.5\"}]}], \"references\": [{\"url\": \"https://github.com/zulip/zulip/security/advisories/GHSA-56qv-8823-6fq9\", \"name\": \"https://github.com/zulip/zulip/security/advisories/GHSA-56qv-8823-6fq9\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/zulip/zulip/commit/e6093d9e4788f4d82236d856c5ed7b16767886a7\", \"name\": \"https://github.com/zulip/zulip/commit/e6093d9e4788f4d82236d856c5ed7b16767886a7\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/zulip/zulip/releases/tag/11.5\", \"name\": \"https://github.com/zulip/zulip/releases/tag/11.5\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://zulip.readthedocs.io/en/latest/overview/changelog.html#zulip-server-11-5\", \"name\": \"https://zulip.readthedocs.io/en/latest/overview/changelog.html#zulip-server-11-5\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Zulip is an open-source team collaboration tool. From 5.0 to before 11.5, some administrative actions on the user profile were susceptible to stored XSS in group names or channel names. Exploiting these vulnerabilities required the user explicitly interacting with the problematic object. This vulnerability is fixed in 11.5.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-02-06T18:20:33.160Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-24050\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-09T15:28:55.237Z\", \"dateReserved\": \"2026-01-20T22:30:11.778Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-02-06T18:20:33.160Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2026-24050

Vulnerability from fkie_nvd - Published: 2026-02-06 19:16 - Updated: 2026-02-06 21:57

Severity ?

1.1 (Low) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U