CVE-2021-3866
Cross-site Scripting (XSS) – Stored in GitHub repository zulip/zulip prior to main.
Date published : 2022-01-20
https://huntr.dev/bounties/5f48dac5-e112-4b23-bbbf-cc00ba83bcf2
https://github.com/zulip/zulip/commit/3eb2791c3e9695f7d37ffe84e0c2184fae665cb6