CVE-2019-16216

Name of the Vulnerable Software and Affected Versions Zulip server versions prior to 2.0.5

Description The issue allows a logged-in user to upload files of certain types, potentially leading to a stored cross-site scripting attack on other logged-in users. The effectiveness of the attack depends on the browser and the uploads backend used by the Zulip server. For servers using the default local uploads backend, the attack is only effective against browsers lacking support for Content-Security-Policy, such as Internet Explorer 11. For servers using the S3 uploads backend, the attack is confined to the origin of the configured S3 uploads hostname and cannot reach the Zulip server itself.

Recommendations For versions prior to 2.0.5, update to version 2.0.5 or later to resolve the issue. As a temporary workaround, consider restricting file uploads or implementing additional security measures to minimize the risk of exploitation.