4 matches found
CVE-2023-38690
matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0....
CVE-2023-38690
CVE-2023-38690 affects matrix-appservice-irc (Node.js IRC bridge for Matrix). Before version 1.0.1, an attacker could craft a command containing newlines that would not be parsed correctly, allowing a string of commands to be passed as a channel name and executed by the IRC bridge bot. Affected v...
CVE-2023-38690 matrix-appservice-irc IRC command injection via admin commands containing newlines
matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0....
CVE-2023-38690 matrix-appservice-irc IRC command injection via admin commands containing newlines
matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0....