PT-2021-18208 · Sydent · Sydent

Richvdh · Published 2021-04-15 · Updated 2022-08-03 · CVE-2021-29432

CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Sydent versions prior to 4469d1d
Description: A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address, potentially constructing plausible phishing emails.
Recommendations: For versions prior to 4469d1d, update to a version that includes the fixes, such as 4469d1d, 6b405a8, or 65a6e91. Note that if the default email templates have been locally modified, they must also be updated to prevent exploitation. As a temporary workaround, consider restricting access to the email functionality in Sydent until the update can be applied.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2021-29432
GHSA-MH74-4M5G-FCJX
PYSEC-2021-23

Affected Products

Sydent