Описание
AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Synapse is hosted on, by supplying the victim user with a malicious URL to the /_matrix/client/r0/auth//fallback/web or /_matrix/client/unstable/auth//fallback/web Synapse endpoints.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Release NotesThird Party Advisory
- PatchThird Party Advisory
- Release NotesVendor Advisory
- Issue TrackingPatchThird Party Advisory
- Release NotesThird Party Advisory
- PatchThird Party Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
EPSS
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Synapse is hosted on, by supplying the victim user with a malicious URL to the /_matrix/client/r0/auth/*/fallback/web or /_matrix/client/unstable/auth/*/fallback/web Synapse endpoints.
AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS d ...
Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint
EPSS
6.1 Medium
CVSS3
4.3 Medium
CVSS2