matrix-appservice-bridge doesn't verify the sub parameter of an openId token exhange, allowing unauthorized access to provisioning APIs
Moderate severity
GitHub Reviewed
Published
Aug 4, 2023
in
matrix-org/matrix-appservice-bridge
•
Updated Nov 7, 2023
Give feedback on Dependabot alerts