Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowed_local_3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on user@bad.example.net@good.example.com returns the user@bad.example.net substring.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Matrix Sydent 输入验证错误漏洞
Vulnerability Description
Matrix Sydent是英国Matrix.org基金会的一款Matrix身份验证服务器API的实现。 Matrix Sydent 1.0.2之前版本中的util/emailutils.py文件存在安全漏洞,该漏洞源于程序没有正确处理对邮件域名的注册限制。攻击者可利用该漏洞绕过限制。
CVSS Information
N/A
Vulnerability Type
N/A