296,748
Total vulnerabilities in the database
matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-supplied room.
The issue has been patched and users should upgrade to 38.2.0.
Avoid using MatrixClient::getJoinedRooms in favour of getRooms() and filtering upgraded rooms separately.
| Software | From | Fixed in |
|---|---|---|
matrix-js-sdk
|
- | 38.2.0 |