CVE-2021-30487

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation...

CVE-2024-27286 Moving single messages from public to private streams leaves them accessible

Zulip is an open-source team collaboration tool. When a user moves a Zulip message, they have the option to move all messages in the topic, move only subsequent messages as well, or move just a single message. If the user chose to just move one message, and was moving it from a public stream to a...

CVE-2024-27286

Zulip vulnerability CVE-2024-27286 affects Zulip Server 3.0 up to (but not including) 8.3, where moving a single message from a public stream to a private stream can leave the message accessible. According to the description, the move operation could successfully relocate the message but active u...

Unspecified vulnerability in Zulip server (CNVD-2021-39546)

Zulip server is an open source team chat application from the American company Zulip. A security vulnerability exists in version 3.x prior to Zulip Server 3.4, which stems from the ability of an organization administrator to move messages to streams in other organizations hosted by the same Zulip...

CVE-2021-30487

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation...