Improper Transaction and Event Signature Validation in Matrix Synapse before 0.33.3.1

Improper Transaction and Event Signature Validation in Matrix Synapse before 0.33.3.1

CVE-2018-16515 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.

Learn more about our Web Application Penetration Testing UK.