Vulnerability Database

Published: Jun 14, 2018
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2018-12423" target="_blank" rel="noopener"> CVE-2018-12423
Severity: High
Exploit:

296,760

Total vulnerabilities in the database

In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force.

CVSS v3:

CVSS v2:

No CWE or OWASP classifications available.

Software	From	Fixed in
matrix / synapse	-	0.31.2

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.