CVE-2023-37259 — Cross-site Scripting in Project Matrix-react-sdk

CWE-79 — Cross-site Scripting CWE-80 — Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)4 documents4 sources

Severity

5.4MEDIUMNVD

CNA6.1

EPSS

0.2%

top 52.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Matrix-react-sdk Project Matrix-react-sdk Matrix-org Matrix-react-sdk

Timeline

PublishedJul 18

Description

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting (XSS). Since the Export Chat feature generates a separate document, an attacker can only inject code run from the `null` origin, restricting the impact. However, the attacker can still potentially use the XSS to leak message contents. A mali…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages3 packages

▶NVDmatrix-react-sdk_project/matrix-react-sdk3.32.0 — 3.76.0+1

▶npmmatrix-react-sdk_project/matrix-react-sdk3.32.0 — 3.76.0

▶CVEListV5matrix-org/matrix-react-sdk>= 3.32.0, < 3.76.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

matrix-react-sdk vulnerable to XSS in Export Chat feature↗2023-07-18

▶

OSV

matrix-react-sdk vulnerable to XSS in Export Chat feature↗2023-07-18

▶

CVEList

Cross site scripting in Export Chat feature↗2023-07-18

▶