CVE-2016-4426

CVE-2016-4426

Vendor N/A

Product zulip

Weakness CWE-284

Published July 28, 2022

Last update August 6, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In zulip before 1.3.12, bot API keys were accessible to other users in the same realm.

Key dates

02Disclosure timeline

July 28, 2022 CVE published

August 6, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2016-4426

Related vulnerabilities

04Related CVE

CVE-2025-27062 Improper Access Control in Automotive Multimedia CVE-2026-49198 Predator Connect W6x: MQTT Broker Access Control CVE-2024-20465 CVE-2020-15102 Improper access control on dashboard form in PrestaShop CVE-2022-1658 Jupiter Theme <= 6.10.1 - Authenticated Arbitrary Plugin Deletion