How severe is CVE-2025-30369?

This vulnerability has a severity rating of LOW with a CVSS score of 2.7 out of 10.

What type of vulnerability is CVE-2025-30369?

This is classified as CWE-566, which is a common weakness in software security.

CVE-2025-30369

LOW Year: 2025

CVSS v3 Score

2.7

Low

Weakness Type

CWE-566

View all →

Vulnerability Description

Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization was incorrectly allowed to delete custom profile fields belonging to a different organization. This is fixed in Zulip Server 10.1.

CVE-2025-30368

LOW

CVSS:2.7(Low)

Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field...

CWE-5662025

CVE-2024-13152

CRITICAL

CVSS:10.0(Critical)

Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in BSS Software Mobuy Online Machinery Monitoring Panel allows SQL Injection.This issue affects Mobuy Online Machinery Monito...

CWE-5662024

CVE-2014-0808

CRITICAL

CVSS:9.1(Critical)

Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems deployed before June 29th, 2015. If this vulnerability is exploited, a user of the ...

CWE-5662014