CVE-2021-21332
Cross-site scripting (XSS) vulnerability in the password reset endpoint
In short
The password reset feature in Synapse (a Matrix messaging server) had a vulnerability that allowed attackers to inject malicious scripts into web pages. An attacker could trick users into visiting a crafted link, potentially stealing cookies or performing unauthorized actions in their browser.
Technical detail
Cross-site scripting (XSS) vulnerability in the password reset endpoint allowed unauthenticated attackers to inject arbitrary JavaScript code. The vulnerability could be exploited via crafted URLs to the password reset page, potentially leading to session hijacking, credential theft, CSRF attacks, and access to resources on the same or parent domains depending on deployment configuration.
Summary generated and translated by AI from the official description.
Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting (XSS) attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities, and access to other resources served on the same domain or parent domains. This is fixed in version 1.27.0.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
Affected products
matrix-org · synapse
References
https://github.com/matrix-org/synapse/commit/e54746bdf7d5c831eabe4dcea76a7626f1de73df
https://github.com/matrix-org/synapse/pull/9200
https://github.com/matrix-org/synapse/releases/tag/v1.27.0
https://github.com/matrix-org/synapse/security/advisories/GHSA-246w-56m2-5899
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/