Zulip · Zulip Server · CVE-2019-19775
**Name of the Vulnerable Software and Affected Versions**
Zulip Server versions 1.9.0 through 2.0.7
**Description**
The issue concerns an open redirect in the image thumbnailing handler, which is visible to logged-in users.
**Recommendations**
For Zulip Server versions 1.9.0 through 2.0.7, update to version 2.0.8 or later to resolve the issue.