nystudio107/craft-seomatic is vulnerable to server-side template injection. Lack of validation and sanitization allows an attacker to inject and execute arbitrary template variables that can lead to code execution via malicious data to the metacontainers controller.
CPE | Name | Operator | Version |
---|---|---|---|
nystudio107/craft-seomatic | le | 3.2.45 | |
nystudio107/craft-seomatic | le | 3.2.45 |