CVE-2024-47779 HIGH

CVE-2024-47779: Element Web vulnerable to potential exposure of access token via authenticated media

Vendor Element-Hq
Product element-web
Weakness CWE-200 · Info exposure
Published October 15, 2024
Last update November 12, 2024
View on NVD All CVEs

CVSS base score

7.0/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Element is a Matrix web client built using the Matrix React SDK. Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involving malicious widgets, but other vectors may exist. Note that despite superficial similarity to CVE-2024-47771, this is an entirely separate vulnerability, caused by a separate piece of code included only in Element Web. Element Web and Element Desktop share most but not all, of their code and this vulnerability exists in the part of the code base which is not shared between the projects. Users are strongly advised to upgrade to version 1.11.81 to remediate the issue. As a workaround, avoid granting permissions to untrusted widgets.

Key dates

02Disclosure timeline

October 15, 2024 CVE published
November 12, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-12492 Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.11.0 - Unauthenticated Sensitive Information Exposure CVE-2023-2446 UserPro <= 5.1.1 - Sensitive Information Disclosure via Shortcode CVE-2025-32953 z80pack Vulnerable to Exposure of the GITHUB_TOKEN in Workflow Run Artifact CVE-2023-29500 CVE-2020-26869 ARC Informatique PcVue Exposure of Sensitive Information to an Unauthorized Actor