0.001 Low
EPSS
Percentile
31.3%
In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force.
m.room.power_levels
bugs.debian.org/901549
github.com/matrix-org/matrix-doc/issues/1304
github.com/matrix-org/synapse
matrix.org/blog/2018/06/14/security-update-synapse-0-31-2
nvd.nist.gov/vuln/detail/CVE-2018-12423