1 matches found
CVE-2016-4427
In zulip before 1.3.12, deactivated users could access messages if SSO was enabled...