High severity8.8NVD Advisory· Published Nov 27, 2017· Updated Jun 17, 2026
CVE-2017-0910
CVE-2017-0910
Description
In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server create a user account on any other realm.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:zulip:zulip_server:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:zulip:zulip_server:*:*:*:*:*:*:*:*range: <1.7.1
- (no CPE)range: <1.7.1
- (no CPE)range: before 1.7.1
Patches
Vulnerability mechanics
References
2- github.com/zulip/zulip/commit/960d736e55cbb9386a68e4ee45f80581fd2a4e32nvdPatchThird Party Advisory
- blog.zulip.org/2017/11/23/zulip-1-7-1-released/nvdVendor Advisory
News mentions
0No linked articles in our index yet.