EPSS
Percentile
33.8%
Zulip Server before 2.1.3 allows XSS via the modal_link feature in the Markdown functionality.
blog.zulip.org/2020/04/01/zulip-server-2-1-3-security-release/