matrix-appservice-irc is vulnerable to privilege escalation. The vulnerability exists in the DEFAULT_CONFIG
function in IrcServer.ts
due to improper validation of user rights, allowing an attacker to elevate privileges.
github.com/matrix-org/matrix-appservice-irc/commit/5f87dbed87b4b6dc49b7965ff152ee8535719e67
github.com/matrix-org/matrix-appservice-irc/commit/e3097ccde610b9d31cbcad097eb2eca77925f1c2
github.com/matrix-org/matrix-appservice-irc/pull/1567
github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-cq7q-5c67-w39w
matrix.org/blog/2022/09/13/security-release-of-matrix-appservice-irc-0-35-0-high-severity/