CVE-2018-12423by Jeremyin Security Bulletinson Posted on June 14, 2018 In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force.