0.001 Low
EPSS
Percentile
50.8%
piwik is vulnerable to cross-site scripting (XSS) attacks. It is possible because it does not prevent the attackers from injecting web script or HTML.
piwik.org/blog/2012/10/piwik-1-9/
www.openwall.com/lists/oss-security/2012/10/22/1
www.openwall.com/lists/oss-security/2012/10/23/2
github.com/piwik/piwik/commit/5c8ecb8bbe1a0cb0d4811dbc3ac0d60996c3e3dc
github.com/piwik/piwik/issues/3471
piwik.org/changelog/piwik-1-9