296,480
Total vulnerabilities in the database
matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms
, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-supplied room.
The issue has been patched and users should upgrade to 38.2.0.
Avoid using MatrixClient::getJoinedRooms
in favour of getRooms()
and filtering upgraded rooms separately.
Software | From | Fixed in |
---|---|---|
![]() |
- | 38.2.0 |