Lucene search
K

4 matches found

NVD
NVD
added 2023/08/04 5:15 p.m.39 views

CVE-2023-38690

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0....

9.8CVSS6.8AI score0.00777EPSS
Exploits0References3
CVE
CVE
added 2023/08/04 4:31 p.m.59 views

CVE-2023-38690

CVE-2023-38690 affects matrix-appservice-irc (Node.js IRC bridge for Matrix). Before version 1.0.1, an attacker could craft a command containing newlines that would not be parsed correctly, allowing a string of commands to be passed as a channel name and executed by the IRC bridge bot. Affected v...

9.8CVSS7.7AI score0.00777EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/04 4:31 p.m.13 views

CVE-2023-38690 matrix-appservice-irc IRC command injection via admin commands containing newlines

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0....

5.8CVSS7.1AI score0.00777EPSS
Exploits0References3
OSV
OSV
added 2023/08/04 4:31 p.m.27 views

CVE-2023-38690 matrix-appservice-irc IRC command injection via admin commands containing newlines

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0....

5.8CVSS9.4AI score0.00777EPSS
Exploits0References5
Rows per page
Query Builder