Unknown · Matrix-Appservice-Irc · CVE-2024-39691
**Name of the Vulnerable Software and Affected Versions**
matrix-appservice-irc versions prior to 2.0.1
**Description**
The issue arises from the bridge relying on the homeserver-provided event timestamp to determine whether a user may access an event. A malicious Matrix homeserver can fabricate this timestamp to trick the bridge into leaking room messages that the homeserver should not have access to. Version 2.0.1 tracks event timestamps internally, dropping the reliance on `origin_server_ts`. As a workaround, the amount of information leaked can be limited by setting a reply template that does not include the original message.
**Recommendations**
For versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue.
As a temporary workaround, consider setting a reply template that doesn't contain the original message to limit the amount of information leaked.
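The following is an added example, not code from matrix-appservice-irc, illustrating the flaw in the Description above and the reply-template workaround from the Recommendations. It assumes a simplified access policy (a user may be shown an event's text only if the event is no older than that user's membership in the room) and invents the `Membership` record, `BridgeEventClock` class and `$ORIGINAL`/`$SENDER`/`$REPLY` template placeholders; the Matrix event fields (`event_id`, `room_id`, `sender`, `origin_server_ts`) are real. The vulnerable check reads the event's age from `origin_server_ts`, which the sending homeserver controls; the hardened check stamps each event with the bridge's own clock on first delivery and never moves that stamp, which is the approach the advisory attributes to 2.0.1.

```typescript
// Added example, not matrix-appservice-irc code. Shows why a homeserver-controlled
// timestamp must not be the basis of an access decision, and the internal-clock alternative.

interface MatrixEvent {
  event_id: string;
  room_id: string;
  sender: string;
  origin_server_ts: number;          // milliseconds, chosen by the sending homeserver
  content: { body: string };
}

// Hypothetical membership record kept by the bridge: when it saw the user join.
interface Membership {
  user_id: string;
  room_id: string;
  joined_at: number;                 // bridge-local clock, milliseconds
}

// Vulnerable form: the event's age is read from the event itself.
export function canSeeTrustingOriginTs(ev: MatrixEvent, m: Membership): boolean {
  return ev.room_id === m.room_id && ev.origin_server_ts >= m.joined_at;
}

// Hardened form: the bridge records its own receive time the first time an event is
// delivered and ignores later re-deliveries, so a changed origin_server_ts has no effect.
export class BridgeEventClock {
  private firstSeen: Map<string, number> = new Map();
  private now: () => number;

  constructor(now: () => number = () => Date.now()) {
    this.now = now;
  }

  // Record (once) when the bridge received this event; returns the stored stamp.
  observe(ev: MatrixEvent): number {
    const existing = this.firstSeen.get(ev.event_id);
    if (existing !== undefined) return existing;
    const stamp = this.now();
    this.firstSeen.set(ev.event_id, stamp);
    return stamp;
  }

  canSee(ev: MatrixEvent, m: Membership): boolean {
    const seen = this.firstSeen.get(ev.event_id);
    if (seen === undefined) return false;   // never delivered to us: fail closed
    return ev.room_id === m.room_id && seen >= m.joined_at;
  }
}

// The advisory's workaround: a reply template that omits $ORIGINAL cannot leak the body.
export function renderReply(template: string, original: MatrixEvent, replyBody: string): string {
  return template
    .replace("$ORIGINAL", original.content.body)
    .replace("$SENDER", original.sender)
    .replace("$REPLY", replyBody);
}

// Constructed scenario: an event delivered at t=1000, a user who joins at t=2000, and the
// same event later presented by the homeserver with a fabricated origin_server_ts of 3000.
export function runScenario(): { trustingOriginTs: boolean; bridgeClock: boolean } {
  let clock = 1000;
  const bridge = new BridgeEventClock(() => clock);

  const original: MatrixEvent = {
    event_id: "$constructed-event-1",
    room_id: "!room:example.org",
    sender: "@alice:example.org",
    origin_server_ts: 1000,
    content: { body: "said before bob joined" },
  };
  bridge.observe(original);            // bridge saw it at 1000

  clock = 2000;
  const bob: Membership = { user_id: "@bob:example.org", room_id: original.room_id, joined_at: clock };

  clock = 3000;
  const replayed: MatrixEvent = { ...original, origin_server_ts: 3000 };
  bridge.observe(replayed);            // stamp stays at 1000

  return {
    trustingOriginTs: canSeeTrustingOriginTs(replayed, bob),  // true: body would be leaked
    bridgeClock: bridge.canSee(replayed, bob),                // false: denied
  };
}
```

`runScenario()` returns `{ trustingOriginTs: true, bridgeClock: false }`: the check that trusts `origin_server_ts` grants access on the strength of a value the remote server chose, while the bridge-clock check keeps the original delivery time. A reply template such as `"<$SENDER> $REPLY"` never interpolates the original body, which is what the workaround relies on.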