Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Malicious users could control the content of invitation emails
Vulnerability Description
Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Matrix Sydent 输入验证错误漏洞
Vulnerability Description
Matrix Sydent是英国Matrix.org基金会的一款Matrix身份验证服务器API的实现。 Sydent 存在安全漏洞,攻击者可利用该漏洞从Sydent电子邮件地址发送任意电子邮件。
CVSS Information
N/A
Vulnerability Type
N/A