10 matches found

Vulnrichment
added 2023/04/25 8:58 p.m., 6 views

CVE-2023-30609 matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...

CVSS 5.4 | AI score 6.5 | EPSS 0.00575
Exploits 0 | References 3
OSV
added 2023/04/25 8:58 p.m., 12 views

CVE-2023-30609 matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...

CVSS 5.4 | AI score 4.8 | EPSS 0.00575
Exploits 0 | References 5
AlpineLinux
added 2023/04/25 8:58 p.m., 45 views

CVE-2023-30609

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...

CVSS 5.4 | AI score 5 | EPSS 0.00575
Exploits 0
Github Security Blog
added 2023/04/25 7:48 p.m., 29 views

HTML injection in search results via plaintext message highlighting

Impact: Plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message containing an HTML injection payload. Cross-site scripting is possible by including resources from recaptcha.net and...

CVSS 5.4 | AI score 5.3 | EPSS 0.00575
Exploits 0 | References 5 | Affected Software 1
UbuntuCve
added 2022/09/01 12:0 a.m., 37 views

CVE-2022-36059

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data...

CVSS 8.2 | AI score 6.6 | EPSS 0.00255
Exploits 0 | References 5
OSV
added 2019/04/04 11:37 a.m., 6 views

SUSE-SU-2019:0553-1 Security update for libvirt

This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent bsc1127458. Other issues fixed: - libxl: save...

CVSS 6.3 | AI score 6.5 | EPSS 0.00709
Exploits 1 | References 5
OSV
added 2017/09/05 9:29 p.m., 1 views

CVE-2017-1130

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371...

CVSS 6.5 | AI score 5.8 | EPSS 0.6548
Exploits 10 | References 4
0day.today
added 2017/09/04 12:0 a.m., 42 views

IBM Notes 8.5.x/9.0.x - Denial of Service (2) Exploit

Exploit for windows platform in category dos / poc Exploit Title: IBM Notes is affected by a denial of service vulnerability Date: 31 August 2017 Software Link: http://www-01.ibm.com/support/docview.wss?uid=swg21999384 Exploit Author: Dhiraj Mishra Contact: http://twitter.com/mishradhiraj Website...

CVSS 4.3 | AI score 6.5 | EPSS 0.6548
Exploits 10
0day.today
added 2017/09/04 12:0 a.m., 25 views

IBM Notes 8.5.x/9.0.x - Denial of Service Exploit

Exploit for multiple platform in category dos / poc Exploit Title: IBM Notes is affected by a denial of service vulnerability Date: 31 August 2017 Software Link: https://www-01.ibm.com/support/docview.wss?uid=swg24037141 Exploit Author: Dhiraj Mishra Contact: http://twitter.com/mishradhiraj...

CVSS 4.3 | AI score 6.5 | EPSS 0.68501
Exploits 11
Packet Storm
added 2017/09/03 12:0 a.m., 32 views

IBM Notes 8.5.x / 9.0.x Denial Of Service

Exploit Title: IBM Notes is affected by a denial of service vulnerability Date: 31 August 2017 Software Link: http://www-01.ibm.com/support/docview.wss?uid=swg21999384 Exploit Author: Dhiraj Mishra Contact: http://twitter.com/mishradhiraj Website: http://datarift.blogspot.in/ CVE: CVE-2017-1130...

AI score 6.5 | EPSS 0.6548
Exploits 10