CVE-2024-42347MEDIUMCVSS 6.5fixed in 3.105.12024-08-06
CVE-2024-42347 [MEDIUM] CWE-359 CVE-2024-42347: matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A ma
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0.
nvd