Matrix Synapse before 0.33.3.1 and 0.33.2.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.
{ "nvd_published_at": "2018-09-18T21:29:00Z", "cwe_ids": [ "CWE-347" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-07-24T20:04:34Z" }