CVE-2021-21320 – matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-r …

2 March 2021

Vuln ID: CVE-2021-21320

Published: 2021-03-02 03:15:13Z

Description: matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a `blob` origin that cannot access Matrix user data, so messages and secrets are not at risk. This has been fixed in version 3.15.0.

Source: NVD.NIST.GOV

Date:

2 March 2021

Categorie(s):

NVD

Tag(s):

NVD

Ransomware attack causes city street lights to “misbehave”25 April 2024
Google can’t seem to quit cookies, delays killing them again25 April 2024
Analyze Malicious Powershell Scripts by Running Malware in ANY.RUN Sandbox25 April 2024
Apple reportedly cuts Vision Pro production due to low demand25 April 2024
Action needed amid escalating ransomware attacks, record-high payments25 April 2024