Launch Week Day 1: Announcing Security Design Review

Matrix Synapse Authorization Error

GHSA-ch5v-fhg8-7gv9 · CVE-2018-12423

Published May 13, 2022 · Modified Nov 8, 2023

Description

In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes