Name of the Vulnerable Software and Affected Versions node-irc versions prior to 1.2.1

Description The issue allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. This is due to incorrect handling of a CR character, which enables part of the message to be sent to the IRC server verbatim rather than as a message to the channel.

Recommendations For versions prior to 1.2.1, update to version 1.2.1 to resolve the issue.