Lucene search

Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint

🗓️ 16 Oct 2020 16:04:56Reported by GitHub Advisory DatabaseType

Cross-site scripting vulnerability in Synapse fallback authenticatio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 15
UbuntuCve	CVE-2020-26891	19 Oct 202000:00	–	ubuntucve
FreeBSD	py-matrix-synapse -- XSS vulnerability	1 Oct 202000:00	–	freebsd
AlpineLinux	CVE-2020-26891	19 Oct 202017:15	–	alpinelinux
Cvelist	CVE-2020-26891	19 Oct 202016:47	–	cvelist
Prion	Design/Logic Flaw	19 Oct 202017:15	–	prion
OSV	Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint	16 Oct 202016:56	–	osv
OSV	PYSEC-2020-238	19 Oct 202017:15	–	osv
OSV	CVE-2020-26891	19 Oct 202017:15	–	osv
OSV	OPENSUSE-SU-2024:11041-1 matrix-synapse-1.43.0-1.1 on GA media	15 Jun 202400:00	–	osv
Tenable Nessus	FreeBSD : py-matrix-synapse -- XSS vulnerability (5f39d80f-107c-11eb-8b47-641c67a117d8)	19 Oct 202000:00	–	nessus

Vulners

Node

matrix-synapseRange<1.21.0

Source	Link
github	www.github.com/matrix-org/synapse/security/advisories/GHSA-3x8c-fmpc-5rmq
github	www.github.com/matrix-org/synapse/pull/8444
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-26891
github	www.github.com/matrix-org/synapse/releases
matrix	www.matrix.org/blog/2020/10/15/synapse-1-21-2-released-and-security-advisory
github	www.github.com/matrix-org/synapse/releases/tag/v1.21.2
github	www.github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2020-238.yaml
github	www.github.com/advisories/GHSA-3x8c-fmpc-5rmq

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Oct 2020 16:56Current

6.1Medium risk

Vulners AI Score6.1

CVSS24.3

CVSS36.1

EPSS0.00616

CWE-79