You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
CVE-2022-24751: Zulip Server 4.0 and above were susceptible to a
race condition during user deactivation, where a simultaneous access
by the user being deactivated may, in rare cases, allow continued
access by the deactivated user. This access could theoretically
continue until one of the following events happens:
The session expires from memcached; this defaults to two weeks, and
is controlled by SESSION_COOKIE_AGE in /etc/zulip/settings.py
The session cache is evicted from memcached by other cached data.