2 matches found
CVE-2021-30479
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the allpublicstreams API feature resulted in guest users being able to receive message traffic to public streams that should have been only accessible to members of the organization...
Design/Logic Flaw
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the allpublicstreams API feature resulted in guest users being able to receive message traffic to public streams that should have been only accessible to members of the organization...