CVE-2017-0910
Zulip Server (open-source group chat) before 1.7.1 contains an invitation-system vulnerability on multi-realm servers: an authorized user of one realm can create a user account on any other realm. Affected: Zulip Server versions prior to 1.7.1. Mitigation often cited as upgrading to 1.7.1 or appl...