{"vulnerability": "GHSA-5XG8-XHFJ-4HM6", "sightings": [{"uuid": "d4e4276a-708c-4371-9f88-5bd0a03fbf58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-5xg8-xhfj-4hm6", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113839687252021271", "content": "", "creation_timestamp": "2025-01-16T19:29:35.606193Z"}, {"uuid": "4ceaca06-2d97-4d6b-99df-dc14366e48ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-5XG8-XHFJ-4HM6", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2024", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56136\n\ud83d\udd39 Description: Zulip server provides an open-source team chat that helps teams stay productive and focused. Zulip Server 7.0 and above are vulnerable to an information disclose attack, where, if a Zulip server is hosting multiple organizations, an unauthenticated user can make a request and determine if an email address is in use by a user. Zulip Server 9.4 resolves the issue, as does the `main` branch of Zulip Server. Users are advised to upgrade. There are no known workarounds for this issue.\n\ud83d\udccf Published: 2025-01-16T19:25:33.261Z\n\ud83d\udccf Modified: 2025-01-16T19:25:33.261Z\n\ud83d\udd17 References:\n1. https://github.com/zulip/zulip/security/advisories/GHSA-5xg8-xhfj-4hm6\n2. https://github.com/zulip/zulip/commit/c6334a765b1e6d71760e4a3b32ae5b8367f2ed4d", "creation_timestamp": "2025-01-16T19:56:09.000000Z"}]}