matrix-js-sdk is vulnerable to Missing Authorization. The vulnerability exists because a user can join a MSC3401
group call without notifying other users, which allows an attacker to perform invisible eavesdropping in group calls.
CPE | Name | Operator | Version |
---|---|---|---|
matrix-js-sdk | le | 24.0.0 | |
matrix-js-sdk | le | 24.0.0 |