CVE-2023-37259 MEDIUM

CVE-2023-37259: Cross site scripting in Export Chat feature

Vendor Matrix-Org

Product matrix-react-sdk

Weakness CWE-79 · XSS

Published July 18, 2023

Last update October 18, 2024

View on NVD All CVEs

CVSS base score

6.1/10

Attack vector Adjacent

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting (XSS). Since the Export Chat feature generates a separate document, an attacker can only inject code run from the `null` origin, restricting the impact. However, the attacker can still potentially use the XSS to leak message contents. A malicious homeserver is a potential attacker since the affected inputs are controllable server-side. This issue has been addressed in commit `22fcd34c60` which is included in release version 3.76.0. Users are advised to upgrade. The only known workaround for this issue is to disable or to not use the Export Chat feature.

Key dates

02Disclosure timeline

July 18, 2023 CVE published

October 18, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-37259 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

CVE-2023-37259: Cross site scripting in Export Chat feature

01Description

02Disclosure timeline

03References

04Related CVE