CVE-2018-12423
CVE-2018-12423 affects Synapse prior to 0.31.2. The vulnerability allows unauthorized users to hijack rooms when there is no m.room.power_levels event in force. This is described consistently across multiple sources in the connected documents. Reported impact is room hijacking due to improper han...