4 matches found
CVE-2021-3967
Improper Access Control in GitHub repository zulip/zulip prior to 4.10...
CVE-2021-3967
Improper Access Control in GitHub repository zulip/zulip prior to 4.10...
CVE-2021-3967
Improper Access Control in GitHub repository zulip/zulip prior to 4.10...
CVE-2021-3967
CVE-2021-3967 affects zulip/zulip prior to 4.10. The issue is an improper access-control vulnerability where an endpoint intended to protect API key handling allows regenerating an authenticated user’s API key without re-authentication, enabling an attacker with a valid session to obtain the key....