I posted a message in my Space

[DarthChillash]

Steps to reproduce

I was not sure if this is a bug, or security vulnerability (since the server allowed it), or both.

With Element X iOS I have posted a message in my Space. The server is matrix.org
The steps I did:

1. In my public room #lrl I have edited room info and in there I added a link to my Space for people who have been invited directly to the room, so they would have an easy way to join the entire Space as well. The link leads to #LinuxRenaissance which is a space.
2. With Element X I have clicked once on the above link and nothing happened. I clicked again and it took me to my Space which appeared as a regular room.
3. I typed two messages in there and my Space members told me they got a notification that I am writing in the Space, and that they are unable to see my message as it is ... well, it's in a "subspace" :)

I am opening this issue on request of mr. Stefan. I have left everyone as is (I did not delete messages in my Space) so someone can come and take a look.

Outcome

I have expected that the client will not be able to send a message into a Space.
I have expected that the server would reject an attempt to send a message to a space.

Instead, both of the above came to pass.

Your phone model

iPhone 15 Pro Max

Operating system version

18.2.1

Application version

1.9.10 (141)

Homeserver

matrix.org

Will you send logs?

Yes

[DarthChillash]

I sent the logs and in logs comment I wrote the number of this Github issue number.