Skip to main content

Improper Input Validation

CVE-2021-29432

Severity Medium
Score 5.7/10

Summary

Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d.

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • REQUIRED
  • LOW
  • NONE
  • NONE

CWE-20 - Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Advisory Timeline

  • Published