CVE-2020-26891 log
| Source |
|
| Severity | High |
| Remote | Yes |
| Type | Cross-site scripting |
| Description | A security issue has been found in matrix-synapse before 1.21.0, where HTML pages served via Synapse were vulnerable to cross-site scripting (XSS) attacks. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1252 | matrix-synapse | 1.20.1-1 | 1.21.0-1 | High | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 03 Nov 2020 | ASA-202011-4 | AVG-1252 | matrix-synapse | High | cross-site scripting |
| References |
|---|
https://github.com/matrix-org/synapse/releases/tag/v1.21.2 https://github.com/matrix-org/synapse/pull/8444 |