13 matches found
EUVD-2023-2027
Malicious code in bioql PyPI...
SUSE CVE-2023-37259
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...
CVE-2023-37259
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...
Cross site scripting
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...
CVE-2023-37259 Cross site scripting in Export Chat feature
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...
CVE-2023-37259 Cross site scripting in Export Chat feature
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...
CVE-2023-37259
CVE-2023-37259 affects matrix-react-sdk. The Export Chat feature injects attacker-controlled elements into a generated document without proper escaping, causing stored XSS. The exploit runs from the null origin (document-only context) but can be used to leak message contents; a malicious homeserv...
CVE-2023-37259 Cross site scripting in Export Chat feature
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...
GHSA-C9VX-2G7W-RP65 matrix-react-sdk vulnerable to XSS in Export Chat feature
Description The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored XSS. Impact Since the Export Chat feature generates a separate document, an attacker can only inject code run from the null origin, restrictin...
matrix-react-sdk vulnerable to XSS in Export Chat feature
Description The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored XSS. Impact Since the Export Chat feature generates a separate document, an attacker can only inject code run from the null origin, restrictin...
matrix-react-sdk 跨站脚本漏洞
matrix-react-sdk is a Matrix open source component for inserting the Matrix chat/voip client into web pages. A cross-site scripting vulnerability exists in matrix-react-sdk versions 3.32.0 through 3.76.0, which stems from the Export Chat feature containing certain attacker-controlled elements in...
FreeBSD : element-web -- Cross site scripting in Export Chat feature (c70c3dc3-258c-11ee-b37b-901b0e9408dc)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c70c3dc3-258c-11ee-b37b-901b0e9408dc advisory. - Since the Export Chat feature generates a separate document, an attacker can only inject code run fro...
element-web -- Cross site scripting in Export Chat feature
Matrix Developers reports: The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored XSS...