Vulnerability Details CVE-2017-14196
An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2017-14196
-
cpe:2.3:a:squiz:matrix:5.3.0.0
-
cpe:2.3:a:squiz:matrix:5.3.1.0
-
cpe:2.3:a:squiz:matrix:5.3.1.1
-
cpe:2.3:a:squiz:matrix:5.3.2.0
-
cpe:2.3:a:squiz:matrix:5.3.2.1
-
cpe:2.3:a:squiz:matrix:5.3.3.0
-
cpe:2.3:a:squiz:matrix:5.3.4.0
-
cpe:2.3:a:squiz:matrix:5.3.4.1
-
cpe:2.3:a:squiz:matrix:5.3.4.2
-
cpe:2.3:a:squiz:matrix:5.3.5.0
-
cpe:2.3:a:squiz:matrix:5.3.5.1
-
cpe:2.3:a:squiz:matrix:5.3.5.2
-
cpe:2.3:a:squiz:matrix:5.3.6.0
-
cpe:2.3:a:squiz:matrix:5.3.6.1
-
cpe:2.3:a:squiz:matrix:5.4.1.3