10 matches found
SUSE CVE-2023-30609
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...
CVE-2023-30609
creationtimestamp| type| source ---|---|--- 2023-04-26 00:25:16+00:00| seen| https://t.me/cibsecurity/62855...
FreeBSD : element-web -- matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting (c676bb1b-e3f8-11ed-b37b-901b0e9408dc)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c676bb1b-e3f8-11ed-b37b-901b0e9408dc advisory. - matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior ...
CVE-2023-30609
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...
CVE-2023-30609 matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...
CVE-2023-30609 matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...
CVE-2023-30609 matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...
CVE-2023-30609
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...
CVE-2023-30609
The CVE-2023-30609 issue affects matrix-react-sdk prior to version 3.71.0, where plain text messages containing HTML tags rendered in search results are treated as HTML. Exploitation requires tricking a user into searching for a specific message containing an HTML payload; the vulnerability is mi...
matrix-react-skin (>=0.0.1 <=0.0.2), vector-web (=0.3.0) potentially affected by CVE-2023-30609 via matrix-react-sdk (>=0.0.1 <=0.2.0)
matrix-react-sdk NPM version =0.0.1, =0.0.1, =0.0.2 - vector-web =0.3.0 Source cves: CVE-2023-30609 Source advisory: OSV:GHSA-XV83-X443-7RMW...