CVE-2021-30487

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-30487

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-30487.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-30487

Published

2021-04-15T00:15:13.247Z

Modified

2025-11-14T11:50:07.912832Z

Severity

2.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.

References

https://blog.zulip.com/2021/04/14/zulip-server-3-4/

Affected packages

Git / github.com/zulip/zulip

Affected ranges

Type: GIT
Repo: https://github.com/zulip/zulip
Events: Introduced

e46bbf18ebb1aef49319a69dcabf319e2a2c939a

Fixed

974b95b0956e6be5ef43683fbfac951d6460c802

Affected versions

3.*

3.0

3.0-dev

3.0-rc1

3.0-rc2

3.1

3.2

3.3

4.*

4.0-dev

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-30487.json"