diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index 59acf1b8db..202cc2273c 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -1354,6 +1354,9 @@ internal class DefaultCryptoService @Inject constructor(
                                 senderKey = sessionInfoPair.second,
                                 sharedHistory = true
                         )
+                    }?.filter { inboundGroupSession ->
+                        // Prevent injecting a forged encrypted message and using session_id/sender_key of another room.
+                        inboundGroupSession.roomId == roomId
                     }?.forEach { inboundGroupSession ->
                         // Share the sharable session to userId with deviceId
                         val exportedKeys = inboundGroupSession.exportKeys(sharedHistory = true)