PT-2023-28352 · Synapse +2 · Synapse +2
Name of the Vulnerable Software and Affected Versions: Synapse versions prior to 1.93.0 Description: The issue allows users to forge read receipts for any event if they know the room ID and event ID. Although users cannot view the events, they can mark them as read, potentially causing confusion ...