CVE-2023-37259
Summary
| CVE | CVE-2023-37259 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-07-18 17:15:00 UTC |
|---|
| Updated | 2023-07-27 19:50:00 UTC |
|---|
| Description | matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting (XSS). Since the Export Chat feature generates a separate document, an attacker can only inject code run from the `null` origin, restricting the impact. However, the attacker can still potentially use the XSS to leak message contents. A malicious homeserver is a potential attacker since the affected inputs are controllable server-side. This issue has been addressed in commit `22fcd34c60` which is included in release version 3.76.0. Users are advised to upgrade. The only known workaround for this issue is to disable or to not use the Export Chat feature. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Sanitise strings going into the html export CVE-2023-37259 · matrix-org/matrix-react-sdk@22fcd34 · GitHub |
MISC |
github.com |
|
| Potential for XSS in Export Chat feature · Advisory · matrix-org/matrix-react-sdk · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 691214 Free Berkeley Software Distribution (FreeBSD) Security Update for element (c70c3dc3-258c-11ee-b37b-901b0e9408dc)
