3 matches found
CVE-2021-21333
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject...
CVE-2021-21333 HTML injection in email and account expiry notifications
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject...
CVE-2021-21333
CVE-2021-21333 affects Synapse (matrix-synapse) before version 1.27.0. The notification emails for missed messages and for expiring accounts are subject to HTML injection, enabling an attacker to forge email content in the missed-messages notification. The account-expiry feature is not enabled by...