Description
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message containing an HTML injection payload. No cross-site scripting attack is possible due to the hardcoded content security policy. Version 3.71.0 of the SDK patches over the issue. As a workaround, restarting the client will clear the HTML injection.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-xv83-x443-7rmw
Patch x_refsource_misc
https://github.com/matrix-org/matrix-react-sdk/commit/bf182bc94556849d7acdfa0e5fdea2aa129ea826
Release Notes x_refsource_misc
https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.71.0
Scores
CVSS v3
5.4
EPSS
0.0115
EPSS Percentile
78.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-74
Status
published
Products (2)
matrix-react-sdk_project/matrix-react-sdk
< 3.71.0
npm/matrix-react-sdk
0 - 3.71.0npm
Published
Apr 25, 2023
Tracked Since
Feb 18, 2026