Zulip is vulnerable to Privilege Escalation. An attacker may exploit the vulnerability by sending a maliciously crafted API call that grants administrator privileges to a bot in control.Read More