Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-41318

Good to know:

icon

Date: September 8, 2023

matrix-media-repo is a highly customizable multi-domain media repository for the Matrix chat ecosystem. In affected versions an attacker could upload a malicious piece of media to the media repo, which would then be served with "Content-Disposition: inline" upon download. This vulnerability could be leveraged to execute scripts embedded in SVG content. Commits "77ec235" and "bf8abdd" fix the issue and are included in the 1.3.0 release. Operators should upgrade to v1.3.0 as soon as possible. Operators unable to upgrade should override the "Content-Disposition" header returned by matrix-media-repo as a workaround.

Language: Go

Severity Score

Related Resources (7)

https://github.com/turt2live/matrix-media-repo/security/advisories/GHSA-5crw-6j7v-xc72
https://developer.mozilla.org/en-US/docs/Web/SVG/Element/script
https://github.com/turt2live/matrix-media-repo/commit/bf8abdd7a5371118e280c65a8e0ec2b2e9bdaf59
https://github.com/turt2live/matrix-media-repo/commit/77ec2354e8f46d5ef149d1dcaf25f51c04149137
https://github.com/turt2live/matrix-media-repo
https://nvd.nist.gov/vuln/detail/CVE-2023-41318
https://www.mend.io/vulnerability-database/CVE-2023-41318

Severity Score

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

Top Fix

icon

Upgrade Version

Upgrade to version github.com/turt2live/matrix-media-repo - v1.3.0

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us