CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Squiz: >> Matrix >> 5.4.1.1 Security Vulnerabilities

CVE-2017-14197

An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. There are multiple reflected Cross-Site Scripting (XSS) issues in Matrix WYSIWYG plugins.

CVSS Score

6.1

EPSS Score

0.002

Published

2017-11-30

CVE-2017-14198

An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. Authenticated users with permissions to edit design assets can cause Remote Code Execution (RCE) via a maliciously crafted time_format tag.

CVSS Score

8.8

EPSS Score

0.015

Published

2017-11-30

Page 1

Vulnerabilities

Vulnerable Software

Squiz: >> Matrix >> 5.4.1.1 Security Vulnerabilities

Products

Pricing

Contact Us