0.001 Low
EPSS
Percentile
30.7%
matrix_sydent allows email spoofing. Sending arbitrary emails from the Sydent email address is not handled to block, allowing a malicious user to take control of the content of invitation emails.
github.com/getsentry/sentry/pull/25295
github.com/matrix-org/sydent/commit/4469d1d42b2b1612b70638224c07e19623039c42
github.com/matrix-org/sydent/releases
github.com/matrix-org/sydent/releases/tag/v2.3.0
github.com/matrix-org/sydent/security/advisories/GHSA-mh74-4m5g-fcjx
pypi.org/project/matrix-sydent/