Matrix Media Repo
CVE-2023-41318
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
matrix-media-repo is a highly customizable multi-domain media repository for the Matrix chat ecosystem. In affected versions an attacker could upload a malicious piece of media to the media repo, which would then be served with Content-Disposition: inline upon download. This vulnerability could be leveraged to execute scripts embedded in SVG content. Commits 77ec235 and bf8abdd fix the issue and are included in the 1.3.0 release. Operators should upgrade to v1.3.0 as soon as possible. Operators unable to upgrade should override the Content-Disposition header returned by matrix-media-repo as a workaround.
AnalysisAI
matrix-media-repo is a highly customizable multi-domain media repository for the Matrix chat ecosystem. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Technical ContextAI
This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. matrix-media-repo is a highly customizable multi-domain media repository for the Matrix chat ecosystem. In affected versions an attacker could upload a malicious piece of media to the media repo, which would then be served with Content-Disposition: inline upon download. This vulnerability could be leveraged to execute scripts embedded in SVG content. Commits 77ec235 and bf8abdd fix the issue and are included in the 1.3.0 release. Operators should upgrade to v1.3.0 as soon as possible. Operators unable to upgrade should override the Content-Disposition header returned by matrix-media-repo as a workaround. Affected products include: Turt2Live Matrix-Media-Repo.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.
More in Matrix Media Repo
View allmatrix-media-repo is an open-source multi-domain media repository for Matrix. Rated medium severity (CVSS 6.5), this vul
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Rated medium severity (CV
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Rated medium severity (CV
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Rated medium severity (CV
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Rated medium severity (CV
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Rated medium severity (CV
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today