VYPR
Medium severity6.5NVD Advisory· Published Jun 2, 2017· Updated Jun 17, 2026

CVE-2017-0896

CVE-2017-0896

Description

Zulip Server 1.5.1 and below suffer from an error in the implementation of the invite_by_admins_only setting in the Zulip group chat application server that allowed an authenticated user to invite other users to join a Zulip organization even if the organization was configured to prevent this.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

22
  • Zulip/Zulip Server21 versions
    cpe:2.3:a:zulip:zulip_server:1.3.0:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:zulip:zulip_server:1.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.11:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.12:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.13:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.3.9:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zulip:zulip_server:1.5.1:*:*:*:*:*:*:*
    • (no CPE)range: <=1.5.1
    • (no CPE)range: 1.5.1 and below
  • Zulip/Zulipllm-fuzzy
    Range: <=1.5.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.