2 matches found
Cross-site Scripting (XSS)
matrix-react-sdk is vulnerable to Cross-Site Scripting. The vulnerability is due to a lack of HTML sanitization in the export chat feature, which results in Cross-Site Scripting...
CVE-2020-4054
In Sanitize RubyGem sanitize greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may not be sanitized...