CVE-2018-12423

HIGH

Details

CVSS v3: 7.5
CVSS v2: 5.0
NVD published: 2018-06-14 21:29:00
Affected versions: cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*
Summary: In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force.
Remediation: Not available in our cache.
Exploit info: Not available in our cache.

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.