4 matches found
CVE-2026-25742
Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access enablespectatoraccess / WEBPUBLICSTREAMSENABLED is disabled, attachments originating from web-public...
Frappe Learning 信息泄露漏洞
Frappe Learning is an easy-to-use open source learning management system from Frappe Open Source. An information disclosure vulnerability exists in Frappe Learning versions prior to 2.38.0, which stems from student uploaded assignment attachments being stored as public files, which could lead to...
CVE-2022-31134 Zulip Server public data export contains attachments that are non-public
Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 above have a user interface tool, accessible only to server owners and server administrators, which provides a way to download a "public data" export. While this export is only accessible to administrators, in many...
CVE-2022-31134 Zulip Server public data export contains attachments that are non-public
Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 above have a user interface tool, accessible only to server owners and server administrators, which provides a way to download a "public data" export. While this export is only accessible to administrators, in many...