CVE-2021-30487

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt