matrix-react-sdk@3.73.0-rc.1 vulnerabilities
SDK for matrix.org using React
-
latest version
3.99.0
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
6 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the matrix-react-sdk package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
matrix-react-sdk is a SDK for matrix.org using React Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the Export Chat feature, which includes certain attacker-controlled elements in the generated document without sufficient escaping. Note:
An attacker can only inject code run from the How to fix Cross-site Scripting (XSS)? Upgrade |
>=3.32.0 <3.76.0
|