Matrix Security Vulnerabilities and Issues — Matrix CVE List

Lucene search

SquizMatrix

3 matches found

CVE•added 2017/11/30 2:29 a.m.•36 views

CVE-2017-14198

An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. Authenticated users with permissions to edit design assets can cause Remote Code Execution (RCE) via a maliciously crafted time_format tag.

8.8CVSS8.7AI score0.01487EPSS

CVE•added 2017/11/30 2:29 a.m.•35 views

CVE-2017-14196

An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed.

7.5CVSS7.1AI score0.0052EPSS

CVE•added 2017/11/30 2:29 a.m.•32 views

CVE-2017-14197

An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. There are multiple reflected Cross-Site Scripting (XSS) issues in Matrix WYSIWYG plugins.

6.1CVSS6AI score0.00223EPSS