4 matches found
CVE-2024-21630
Zulip is an open-source team collaboration tool. A vulnerability in version 8.0 is similar to CVE-2023-32677, but applies to multi-use invitations, not single-use invitation links as in the prior CVE. Specifically, it applies when the installation has configured non-admins to be able to invite...
CVE-2024-21630
creationtimestamp| type| source ---|---|--- 2024-01-25 21:26:43+00:00| seen| https://t.me/ctinow/173801 2024-02-18 18:11:18+00:00| seen| https://t.me/ctinow/187318...
CVE-2024-21630
CVE-2024-21630 (Zulip) describes a flaw in Zulip 8.0 where non-admins can invite users and create multiāuse invitations, while only admins can invite users to streams. The vulnerability is limited to streams the inviter can already see and is not an arbitrary- stream invite. Version 8.1 fixes the...
CVE-2024-21630 Zulip non-admins can invite new users to streams they would not otherwise be able to add existing users to
Zulip is an open-source team collaboration tool. A vulnerability in version 8.0 is similar to CVE-2023-32677, but applies to multi-use invitations, not single-use invitation links as in the prior CVE. Specifically, it applies when the installation has configured non-admins to be able to invite...