Vulnerability Details CVE-2021-44618
A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/helpers/UrlHelper.php via the host header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://github.com/nystudio107/craft-seomatic/commit/0c5c0c0e0cb61000d12ec55ebf174745a5bf6469
- https://github.com/nystudio107/craft-seomatic/releases/tag/3.4.12
- https://github.com/nystudio107/craft-seomatic/commit/0c5c0c0e0cb61000d12ec55ebf174745a5bf6469
- https://github.com/nystudio107/craft-seomatic/releases/tag/3.4.12
Products affected by CVE-2021-44618
-
cpe:2.3:a:nystudio107:seomatic:3.4.12