Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/04/02 5:4 p.m.22 views

CVE-2025-30368

Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization wa...

2.7CVSS7AI score0.00322EPSS
Exploits0References1
NVD
NVD
added 2025/03/31 5:15 p.m.15 views

CVE-2025-30368

Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization wa...

2.7CVSS0.00322EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/31 4:26 p.m.22 views

CVE-2025-30368 Zulip allows the deletion of organization by administrators of a different organization

Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization wa...

2.7CVSS0.00322EPSS
Exploits0References3
CVE
CVE
added 2025/03/31 4:26 p.m.117 views

CVE-2025-30368

Zulip CVE-2025-30368 affects the Delete Organization Export API where permission checks could allow an administrator to delete an export belonging to another organization. Root cause: insufficient verification that the field being acted upon belongs to the caller’s organization. Impact: potential...

2.7CVSS3.6AI score0.00322EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/31 4:26 p.m.16 views

CVE-2025-30368 Zulip allows the deletion of organization by administrators of a different organization

Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization wa...

2.7CVSS6.7AI score0.00322EPSS
Exploits0References3
OSV
OSV
added 2025/03/31 4:26 p.m.12 views

CVE-2025-30368 Zulip allows the deletion of organization by administrators of a different organization

Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization wa...

2.7CVSS6.7AI score0.00322EPSS
Exploits0References5
Rows per page
Query Builder