Unknown · Matrix-React-Sdk · CVE-2023-37259
**Name of the Vulnerable Software and Affected Versions**
matrix-react-sdk versions prior to 3.76.0
**Description**
The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored cross-site scripting (XSS). Since the Export Chat feature generates a separate document, an attacker can only inject code that runs from the `null` origin, which restricts the impact. However, the attacker can still potentially use the XSS to leak message contents. A malicious homeserver is a potential attacker, since the affected inputs are controllable server-side.
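The bug class described above, as an added example that is not matrix-react-sdk's code: an export renderer that interpolates server-controlled strings into HTML, beside a version that escapes them, plus a regression check. The field names (`roomName`, `sender`, `body`) and the sample room are assumptions constructed for illustration.

```javascript
// Added illustration; field names are assumed, not taken from matrix-react-sdk.

// Escape the five characters significant in HTML text and quoted attribute values.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Before: server-controlled strings are concatenated into the export as markup.
function renderExportUnsafe(room) {
  const rows = room.events.map((e) => `<li><b>${e.sender}</b>: ${e.body}</li>`).join("");
  return `<!DOCTYPE html><html><head><title>${room.roomName}</title></head>` +
         `<body><h1>${room.roomName}</h1><ul>${rows}</ul></body></html>`;
}

// After: every interpolated value passes through escapeHtml, so it can only become text.
function renderExportSafe(room) {
  const rows = room.events
    .map((e) => `<li><b>${escapeHtml(e.sender)}</b>: ${escapeHtml(e.body)}</li>`)
    .join("");
  const title = escapeHtml(room.roomName);
  return `<!DOCTYPE html><html><head><title>${title}</title></head>` +
         `<body><h1>${title}</h1><ul>${rows}</ul></body></html>`;
}

// Regression check: count opening tags of one kind in the output. Any count above
// what the template itself emits means input data was parsed as markup.
function countTags(html, tagName) {
  const re = new RegExp(`<${tagName}[\\s>/]`, "gi");
  return (html.match(re) || []).length;
}

// Constructed sample: room name and sender display name carry markup with a harmless marker.
const sampleRoom = {
  roomName: "Ops</title><script>/* marker */</script>",
  events: [
    { sender: "<script>/* marker */</script>Alice", body: "status & <b>notes</b>" },
    { sender: "Bob", body: 'say "hi"' },
  ],
};
```

In a test suite, assert that `countTags(renderExportSafe(room), "script")` is zero and that the `<b>` count equals the number of exported events for any room fixture.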
**Recommendations**
To resolve the issue, upgrade to release version 3.76.0 or later.
As a temporary workaround, consider disabling or not using the Export Chat feature until a patch is available.