CVE-2021-40823 : Security Advisory and Response
Learn about CVE-2021-40823, a logic error in room key sharing in Matrix JS SDK allowing a malicious server to steal encryption keys. Find out the impact and mitigation steps.
A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys.