CVE-2023-47642

Name of the Vulnerable Software and Affected Versions Zulip versions prior to 7.5

Description A security issue was found in Zulip, an open-source team collaboration tool, where users who had been removed from a stream could still access its metadata using the Zulip API. This included stream name, description, settings, and an email address used for incoming email integration. As a result, users could see changes to a stream's metadata after they had lost access to the stream.

Recommendations For versions prior to 7.5, upgrade to version 7.5 to resolve the issue.