2020-08-21 04:34:38
mitre
PUBLISHED
Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as adds the administrator role to invitations.