Описание
Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| matrix-sydent | not-affected | package |
Примечания
https://github.com/matrix-org/sydent/security/advisories/GHSA-mh74-4m5g-fcjx
EPSS
Процентиль: 48%
0.0025
Низкий
Связанные уязвимости
CVSS3: 5.3
nvd
почти 5 лет назад
Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d.
CVSS3: 5.3
github
почти 5 лет назад
Malicious users could abuse Sydent to control the content of invitation emails
EPSS
Процентиль: 48%
0.0025
Низкий