Vulnerabilities > CVE-2021-30487 - Unspecified vulnerability in Zulip Server 3.0/3.1

CVSS 2.7 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

zulip

NVD

Published: 2021-04-15

Updated: 2022-07-12

Summary

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.

Vulnerable Configurations

Part	Description	Count
Application	Zulip Zulip Zulip Server 3.0 Zulip Zulip Server 3.1	4

References

https://blog.zulip.com/2021/04/14/zulip-server-3-4/