vulnerability
FreeBSD: VID-5f39d80f-107c-11eb-8b47-641c67a117d8 (CVE-2020-26891): py-matrix-synapse -- XSS vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Oct 17, 2020 | Oct 18, 2020 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Oct 17, 2020
Added
Oct 18, 2020
Modified
Dec 10, 2025
Description
Matrix developers reports: The fallback authentication endpoint served via Synapse were vulnerable to cross-site scripting (XSS) attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities, and access to other resources served on the same domain or parent domains.
Solutions
freebsd-upgrade-package-py36-matrix-synapsefreebsd-upgrade-package-py37-matrix-synapsefreebsd-upgrade-package-py38-matrix-synapsefreebsd-upgrade-package-py39-matrix-synapse
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.