Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:50 a.m.10 views

CVE-2023-32678

Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that the...

6.5CVSS6.8AI score0.00398EPSS
Exploits0References1
Circl
Circl
added 2023/08/26 12:14 a.m.10 views

CVE-2023-32678

creationtimestamp| type| source ---|---|--- 2023-08-26 00:14:23+00:00| seen| https://t.me/cibsecurity/69211...

6.5CVSS6.3AI score0.00398EPSS
Exploits0References1
NVD
NVD
added 2023/08/25 9:15 p.m.29 views

CVE-2023-32678

Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that the...

6.5CVSS6.5AI score0.00398EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/25 8:4 p.m.17 views

CVE-2023-32678 Zulip vulnerable to insufficient authorization check for edition/deletion of messages and topics in private streams by former subscribers

Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that the...

6.5CVSS7AI score0.00398EPSS
Exploits0References2
CVE
CVE
added 2023/08/25 8:4 p.m.55 views

CVE-2023-32678

Zulip CVE-2023-32678 describes an authorization flaw in Zulip Server prior to 7.3 where former subscribers of private streams could still edit, move, or delete messages and topics they had previously accessed. The issue arises from insufficient checks on who can modify or remove content in privat...

6.5CVSS6.4AI score0.00398EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder