PT-2024-27999 · Matrix · Matrix

Name of the Vulnerable Software and Affected Versions: Matrix affected versions not specified Description: The issue is related to improper neutralization of input during web page generation, which can lead to cross-site scripting. This allows attackers to inject malicious scripts into web pages...

CVE-2023-34999

A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 5.7.6 and v6 6.5.0 that allows an attacker to perform arbitrary code execution via the admin web interface...

CVE-2023-34999

A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 5.7.6 and v6 6.5.0 that allows an attacker to perform arbitrary code execution via the admin web interface...

CVE-2023-34999

A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 5.7.6 and v6 6.5.0 that allows an attacker to perform arbitrary code execution via the admin web interface...

CVE-2023-34999

The CVE-2023-34999 entry concerns RTS VLink Virtual Matrix Software versions 5 (< 5.7.6) and 6 (

Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a data corruption issue

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to a data corruption issue. An attacker could potentially cause data integrity issues by sending specially crafted messages...

Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a data corruption issue

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to a data corruption issue. An attacker could potentially cause data integrity issues by sending specially crafted messages...

PT-2022-24849 · Unknown · Matrix Ios Sdk

Name of the Vulnerable Software and Affected Versions: Matrix iOS SDK versions prior to 0.23.19 Description: The issue allows an attacker, in cooperation with a malicious homeserver, to construct messages that appear to come from another person. These messages may be marked with a grey shield on...

Matrix 授权问题漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. A security vulnerability exists in the Matrix Javascript SDK prior to version 19.7.0, which stems from a lack of required checks in matrix-js-sdk...

Denial Of Service (DoS)

Matrix is vulnerable to denial of service and injection vulnerability. An attacker may inject a crafted event into a room by specifying a different room id in the path of a /sendjoin, /sendleave, /invite or /exchangethirdpartyinvite request leading to a denial of service in which future events wi...