Zulip server is an open source team chat application from Zulip USA. zulip server has a security vulnerability that stems from the fact that zlip Server deployments that reside in multiple organizations are vulnerable to attacks where an invitation created in one organization (possibly a role with elevated privileges) can be used to join any other organization. This bypasses any restrictions on the domain required for a userβs email address and can be used to gain access to organizations that are only accessible by invitation. No details of the vulnerability are currently available.