vulnerability
FreeBSD: VID-5f39d80f-107c-11eb-8b47-641c67a117d8 (CVE-2020-26891): py-matrix-synapse -- XSS vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Oct 17, 2020 | Oct 18, 2020 | Mar 25, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Oct 17, 2020
Added
Oct 18, 2020
Modified
Mar 25, 2026
Description
Matrix developers reports: The fallback authentication endpoint served via Synapse were vulnerable to cross-site scripting (XSS) attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities, and access to other resources served on the same domain or parent domains.
Solutions
freebsd-upgrade-package-py36-matrix-synapsefreebsd-upgrade-package-py37-matrix-synapsefreebsd-upgrade-package-py38-matrix-synapsefreebsd-upgrade-package-py39-matrix-synapse
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.