CVE-2016-4426

2022-07-2816:31:52

CWE-284

redhat

www.cve.org

zulip security vulnerability realm api keys

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

In zulip before 1.3.12, bot API keys were accessible to other users in the same realm.

CNA Affected

[
  {
    "product": "zulip",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "zulip 1.3.12"
      }
    ]
  }
]

References

zulip.readthedocs.io/en/2.1.7/overview/changelog.html#id35