Matthew Hodgson

**Name of the Vulnerable Software and Affected Versions** Synapse versions prior to 0.31.2 **Description** The issue allows unauthorized users to hijack rooms when there is no `m.room.power levels` event in force. This can lead to unauthorized access and control over rooms. **Recommendations** For versions prior to 0.31.2, update to version 0.31.2 or later to resolve the issue. As a temporary workaround, consider implementing strict access controls to rooms and ensuring that `m.room.power levels` events are properly configured to minimize the risk of exploitation.