nystudio107 SEOmatic 3.0.15 for Craft CMS

CPE Details

nystudio107 SEOmatic 3.0.15 for Craft CMS
nystudio107
seomatic
3.0.15
2019-12-02
16h34 +00:00
2019-12-02
16h34 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:nystudio107:seomatic:3.0.15:*:*:*:*:craft_cms:*:*

Informations

Vendor

nystudio107

Product

seomatic

Version

3.0.15

Target Software

craft_cms

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-41749 2022-06-12 09h00 +00:00 In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution.
9.8
Critique
CVE-2020-12790 2020-05-11 16h08 +00:00 In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMeta.php does not properly sanitize the URL. This leads to Server-Side Template Injection and credentials disclosure via a crafted Twig template after a semicolon.
7.5
Haute
CVE-2018-14716 2018-08-06 18h00 +00:00 A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code.
7.5
Haute