[Full Changelog](https://github.com/matrix-org/matrix-react-sdk/compare/v3.15.0-rc.1...v3.15.0) matrix-react-sdk 3.15.0 fixes a low severity issue (CVE-2021-21320) where the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a `blob` origin that cannot access Matrix user data, so messages and secrets are not at risk. Thanks to @keerok for responsibly disclosing this via Matrix's Security Disclosure Policy. * Upgrade to JS SDK 9.8.0