User content sandbox can be confused into opening arbitrary documents
Description
matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a blob origin that cannot access Matrix user data, so messages and secrets are not at risk. This has been fixed in version 3.15.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In matrix-react-sdk before 3.15.0, the user content sandbox could be abused to trick users into opening malicious documents, potentially exposing user data.
Vulnerability
Overview
CVE-2021-21320 is a sandbox bypass vulnerability in matrix-react-sdk, a React-based Matrix SDK for building chat clients. The issue lies in the user content sandbox mechanism, which is designed to render user-uploaded files (e.g., images, documents) in a restricted iframe. Prior to version 3.15.0, the sandbox could be confused into opening unexpected documents after several user interactions. [1][4]
Exploitation
The attack exploits flawed origin validation in the sandbox's postMessage handler. The sandbox page relied on a lockOrigin value passed in the URL query string to decide which parent-window messages to trust. An attacker could therefore craft a malicious document that, when opened by the victim, led the sandbox to accept messages from origins other than the legitimate Matrix client. By convincing the user to interact with the malicious content (e.g., clicking a link or downloading a file), the attacker could make the sandbox load an unexpected document. [2][3]
Impact
While the initial description states that content is opened with a blob origin that cannot access Matrix user data [1], the official GitHub security advisory notes that a successful attack could allow a malicious document to access user messages and secrets, because the content may run with a blob origin derived from the Matrix client's origin. This means an attacker could potentially read private conversations or other sensitive data if the victim is tricked into opening the malicious document. [4]
Mitigation
The vulnerability was fixed in matrix-react-sdk version 3.15.0, released on February 16, 2021. The fix removes the insecure lockOrigin parameter and instead validates messages against the sandbox's own origin (window.location.origin). No known workarounds are available; users must upgrade to the patched version. [2][3][4]
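Added example (not the project's code): the sandbox's trust decision before and after the fix, modelled with plain objects in place of `window.location` and the `MessageEvent` so it runs outside a browser; `fixedAcceptsFromParent` is an assumed extra check, not part of the patch.

```javascript
// Added example, not code from matrix-react-sdk: models the usercontent
// sandbox's postMessage trust decision before and after the 3.15.0 fix.
// `location` and `event` are plain objects standing in for window.location
// and a MessageEvent so the logic can be exercised outside a browser.

// Pre-3.15.0: the trusted origin is whatever the `?origin=` parameter says,
// so whoever controls the URL the sandbox page is loaded from chooses it.
function lockOriginFromQuery(search) {
  let lockOrigin;
  for (const pair of search.replace(/^\?/, '').split('&')) {
    const [key, value = ''] = pair.split('=');
    if (key === 'origin') lockOrigin = decodeURIComponent(value);
  }
  return lockOrigin;
}

function legacyAccepts(location, event) {
  return event.origin === lockOriginFromQuery(location.search);
}

// 3.15.0: compare against the origin of the sandbox page's own URL.
// location.origin is derived from the URL, so it still names the client's
// origin even though the iframe is sandboxed without allow-same-origin.
function fixedAccepts(location, event) {
  return event.origin === location.origin;
}

// Defence in depth (an assumption, not part of the patch): only the
// embedding window should be able to drive the sandbox.
function fixedAcceptsFromParent(location, event, parentWindow) {
  return fixedAccepts(location, event) && event.source === parentWindow;
}

// Constructed sample values: the sandbox page is served from CLIENT.
const CLIENT = 'https://client.example';
const ATTACKER = 'https://attacker.example';
function demo() {
  const normal = { origin: CLIENT, search: `?origin=${encodeURIComponent(CLIENT)}` };
  const spoofed = { origin: CLIENT, search: `?origin=${encodeURIComponent(ATTACKER)}` };
  const parent = {};
  const fromClient = { origin: CLIENT, source: parent, data: { blob: 'x' } };
  const fromAttacker = { origin: ATTACKER, source: {}, data: { blob: 'x' } };
  return {
    legacyNormal: legacyAccepts(normal, fromClient),        // true
    legacySpoofed: legacyAccepts(spoofed, fromAttacker),    // true: caller chose the lock
    fixedNormal: fixedAccepts(normal, fromClient),          // true
    fixedSpoofed: fixedAccepts(spoofed, fromAttacker),      // false
    parentOnly: fixedAcceptsFromParent(normal, { ...fromClient, source: {} }, parent), // false
  };
}
```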
[1] NVD - CVE-2021-21320
[2] Remove redundant lockOrigin parameter from usercontent by t3chguy · Pull Request #5657 · matrix-org/matrix-react-sdk
[3] Merge pull request #5657 from matrix-org/t3chguy/usercontent · matrix-org/matrix-react-sdk@b386f0c
[4] User content sandbox can be confused into opening arbitrary documents and exposing user data
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| matrix-react-sdk (npm) | < 3.15.0 | 3.15.0 |
Affected products
- matrix-org/matrix-react-sdk, range: < 3.15.0
Patches
- b386f0c73b95 Merge pull request #5657 from matrix-org/t3chguy/usercontent
2 files changed · +2 −9
src/components/views/messages/MFileBody.js+1 −1 modified@@ -288,7 +288,7 @@ export default class MFileBody extends React.Component { <a ref={this._dummyLink} /> </div> <iframe - src={`${url}?origin=${encodeURIComponent(window.location.origin)}`} + src={url} onLoad={onIframeLoad} ref={this._iframe} sandbox="allow-scripts allow-downloads allow-downloads-without-user-activation" />
src/usercontent/index.js+1 −8 modified@@ -1,10 +1,3 @@ -const params = window.location.search.substring(1).split('&'); -let lockOrigin; -for (let i = 0; i < params.length; ++i) { - const parts = params[i].split('='); - if (parts[0] === 'origin') lockOrigin = decodeURIComponent(parts[1]); -} - function remoteRender(event) { const data = event.data; @@ -45,7 +38,7 @@ function remoteSetTint(event) { } window.onmessage = function(e) { - if (e.origin === lockOrigin) { + if (e.origin === window.location.origin) { if (e.data.blob) remoteRender(e); else remoteSetTint(e); }
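Review bot: dropping the `?origin=` query string from the iframe `src` in `MFileBody.js` is consistent with `usercontent/index.js` no longer reading it, but the `sandbox` attribute keeps `allow-scripts allow-downloads allow-downloads-without-user-activation` without `allow-same-origin`, so the PR should document that the sandbox page now compares against `window.location.origin`, which is derived from the URL and therefore still matches the embedding client even though the frame's document origin is opaque; it is also worth confirming in the PR description that `allow-downloads-without-user-activation` is still needed.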
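Review bot: removing the hand-rolled query parser (`window.location.search.substring(1).split('&')` through `lockOrigin = decodeURIComponent(parts[1])`) is the right call, since it let whoever loaded the page choose `lockOrigin`, and `decodeURIComponent` on an arbitrary value would also throw on malformed percent-encoding; a one-line comment above `remoteRender` stating that the page now trusts only messages from its own origin would help the next reader.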
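Review bot: `if (e.origin === window.location.origin)` fixes the caller-controlled check, but the handler still dispatches on `e.data.blob` from any window at that origin; consider also requiring `e.source === window.parent` so only the embedding frame can drive `remoteRender` and `remoteSetTint`, and checking that `e.data` is an object before reading `.blob`.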
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-52mq-6jcv-j79x (GHSA, advisory)
- nvd.nist.gov/vuln/detail/CVE-2021-21320 (GHSA, advisory)
- github.com/matrix-org/matrix-react-sdk/commit/b386f0c73b95ecbb6ea7f8f79c6ff5171a8dedd1 (web)
- github.com/matrix-org/matrix-react-sdk/pull/5657 (web)
- github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-52mq-6jcv-j79x (vendor-confirmed, web)
- www.npmjs.com/package/matrix-react-sdk (web)