Soumettre #852843: NousResearch hermes-agent 2026.5.29.2 Cross-site Scripting (CWE-79)information

TitreNousResearch hermes-agent 2026.5.29.2 Cross-site Scripting (CWE-79)
Description# Technical Details A Cross-site Scripting vulnerability exists in the `MatrixAdapter._markdown_to_html` method in `gateway/platforms/matrix.py` of hermes-agent. The application fails to escape attacker-supplied raw HTML or sanitize dangerous URL schemes (such as `javascript:`, `data`, and `vbscript`) before writing the converted text directly into Matrix `formatted_body` payloads. # Vulnerable Code File: gateway/platforms/matrix.py Method: _markdown_to_html Why: The adapter directly returns `md.convert(text)` output without escaping raw HTML or filtering link schemes. As long as the `markdown` dependency is importable (which is true when the documented Matrix extra is installed), this code path remains active and bypasses a safer fallback implementation that usually filters these schemes. # Reproduction 1. Ensure Hermes Agent is configured with the Matrix extra installed (where the `markdown` package is importable). 2. Through normal message delivery, supply attacker-controlled text containing raw HTML or a dangerous Markdown link (e.g., `<img src=x onerror="alert(1)">` or `[click](javascript:alert(1))`). 3. Observe that the emitted Matrix payload preserves the raw HTML and dangerous URI scheme inside the `formatted_body` (under `org.matrix.custom.html`). # Impact - Malicious links can be injected into outbound Matrix messages. - Message appearance can be altered with arbitrary inline HTML. - Imposes content and script-injection risks in downstream Matrix clients that trust or insufficiently sanitize the `org.matrix.custom.html` payload.
La source⚠️ https://github.com/NousResearch/hermes-agent/issues/42667
Utilisateur Eric-d (UID 96861)
Soumission09/06/2026 11:19 (il y a 1 mois)
Modérer09/07/2026 19:49 (1 month later)
StatutAccepté
Entrée VulDB377247 [NousResearch hermes-agent jusqu’à 2026.5.29.2 Matrix Adapter matrix.py MatrixAdapter._markdown_to_html cross site scripting]
Points20

Do you know our Splunk app?

Download it now for free!