Zulip · Zulip Server · CVE-2017-0910
**Name of the Vulnerable Software and Affected Versions**
Zulip Server versions prior to 1.7.1
**Description**
A vulnerability in the invitation system of Zulip Server allows an authorized user of one realm to create a user account on any other realm, given that the server has multiple realms.
**Recommendations**
For versions prior to 1.7.1, update to version 1.7.1 or later to resolve the issue.