How severe is CVE-2023-22735?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2023-22735?

This is classified as CWE-436, which is a common weakness in software security.

CVE-2023-22735

MEDIUM Year: 2023

CVSS v3 Score

4.6

Medium

Weakness Type

CWE-436

View all →

Vulnerability Description

Zulip is an open-source team collaboration tool. In versions of zulip prior to commit `2f6c5a8` but after commit `04cf68b` users could upload files with arbitrary `Content-Type` which would be served from the Zulip hostname with `Content-Disposition: inline` and no `Content-Security-Policy` header, allowing them to trick other users into executing arbitrary Javascript in the context of the Zulip application. Among other things, this enables session theft. Only deployments which use the S3 storage (not the local-disk storage) are affected, and only deployments which deployed commit 04cf68b45ebb5c03247a0d6453e35ffc175d55da, which has only been in `main`, not any numbered release. Users affected should upgrade from main again to deploy this fix. Switching from S3 storage to the local-disk storage would nominally mitigate this, but is likely more involved than upgrading to the latest `main` which addresses the issue.

CVE-2022-36048

MEDIUM

CVSS:4.3(Medium)

Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. When displaying messages with embedded remote images, Zulip normally loads the image preview vi...

CWE-4362022

CVE-2023-30541

MEDIUM

CVSS:5.3(Medium)

OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. ...

CWE-4362023

CVE-2024-3386

MEDIUM

CVSS:5.3(Medium)

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains t...

CWE-4362024

CVE-2025-24013

MEDIUM

CVSS:5.3(Medium)

CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers w...

CWE-4362025

CVE-2020-9264

MEDIUM

CVSS:5.5(Medium)

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Interne...

CWE-4362020

CVE-2020-9342

MEDIUM

CVSS:5.5(Medium)

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Prot...

CWE-4362020

CVE-2023-22735

Vulnerability Description

Related Vulnerabilities

CVE-2022-36048

CVE-2023-30541

CVE-2024-3386

CVE-2025-24013

CVE-2020-9264

CVE-2020-9342