CVE-2023-32678

CVSS V2 None CVSS V3 None
Description
Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that they used to have access to, if other relevant organization permissions allow these actions. For example, a user may be able to edit or delete their old messages they posted in such a private stream. An administrator will be able to delete old messages (that they had access to) from the private stream. This issue was fixed in Zulip Server version 7.3.
Overview
  • CVE ID
  • CVE-2023-32678
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-08-25T20:04:49.432Z
  • Last Modified Date
  • 2023-08-25T20:04:49.432Z
History
Created Old Value New Value Data Type Notes
2024-06-25 11:36:32 Added to TrackCVE