Unintended Proxy or Intermediary ('Confused Deputy') and Improper Input Validation in Conduit-derived homeservers
Unintended Proxy or Intermediary ('Confused Deputy') and Improper Input Validation in Conduit-derived homeservers
github.com
Unintended Proxy or Intermediary ('Confused Deputy') and Improper Input Validation in Conduit-derived homeservers
### Impact This vulnerability allows a remote, unauthenticated attacker to force the target server to cryptographically sign arbitrary membership events. The flaw exists because the server fails...