Описание
AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Synapse is hosted on, by supplying the victim user with a malicious URL to the /_matrix/client/r0/auth//fallback/web or /_matrix/client/unstable/auth//fallback/web Synapse endpoints.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | not-affected | 1.64.0-3 |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| groovy | ignored | end of life |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
Показывать по
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Synapse is hosted on, by supplying the victim user with a malicious URL to the /_matrix/client/r0/auth/*/fallback/web or /_matrix/client/unstable/auth/*/fallback/web Synapse endpoints.
AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS d ...
Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint
4.3 Medium
CVSS2
6.1 Medium
CVSS3