CVE-2021-30487

Опубликовано: 15 апр. 2021

Источник: nvd

CVSS3: 2.7

CVSS2: 4

EPSS Низкий

Описание

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.

Ссылки

https://blog.zulip.com/2021/04/14/zulip-server-3-4/
Release Notes
Vendor Advisory
https://blog.zulip.com/2021/04/14/zulip-server-3-4/
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zulip:zulip_server:*:*:*:*:*:*:*:*

Версия от 3.0 (включая) до 3.4 (исключая)

EPSS

Процентиль: 44%

0.00214

Низкий

2.7 Low

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2021-30487

CVSS3: 2.7

debian

почти 5 лет назад

In the topic moving API in Zulip Server 3.x before 3.4, organization a ...

GHSA-2c8p-8v35-g4g6

CVSS3: 2.7

github

больше 3 лет назад

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.

EPSS

Процентиль: 44%

0.00214

Низкий

2.7 Low

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo