Lucene search
GoogleOSV:GHSA-6Q4J-8PJM-5MGCHistoryMay 24, 2022 - 5:10 p.m.
SEOmatic for CraftCMS allows Server-Side Template Injection
2022-05-2417:10:09
Google
osv.dev
4
0.962 High
EPSS
Percentile
99.5%
The Seomatic component before 3.2.46 for Craft CMS allows Server-Side Template Injection and information disclosure via malformed data to the metacontainers controller.
References
github.com/giany/CVE/blob/master/CVE-2020-9757.txt
github.com/nystudio107/craft-seomatic
github.com/nystudio107/craft-seomatic/blob/v3/CHANGELOG.md
github.com/nystudio107/craft-seomatic/commit/65ab659cb6c914c7ad671af1e417c0da2431f79b
github.com/nystudio107/craft-seomatic/commit/a1c2cad7e126132d2442ec8ec8e9ab43df02cc0f
nvd.nist.gov/vuln/detail/CVE-2020-9757
Related
attackerkb
attackerkb
CVE-2020-9757
2020-03-04 00:00:00
nvd
nvd
CVE-2020-9757
2020-03-04 17:15:12
prion
prion
Sql injection
2020-03-04 17:15:00
osv
osv
CVE-2020-9757
2020-03-04 17:15:12
nuclei
nuclei
Craft CMS < 3.3.0 - Server-Side Template Injection
2020-07-03 17:56:51
veracode
veracode
Server-Side Template Injection (SSTI)
2020-03-05 04:28:05
github
github
SEOmatic for CraftCMS allows Server-Side Template Injection
2022-05-24 17:10:09
cvelist
cvelist
CVE-2020-9757
2020-03-04 16:03:22
cve
cve
CVE-2020-9757
2020-03-04 17:15:12
checkpoint_advisories
checkpoint_advisories
Craft CMS Command Injection (CVE-2020-9757)
2022-10-06 00:00:00
impervablog
impervablog