An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed.
References
| Link | Resource |
|---|---|
| http://devalias.net/devalias/2017/09/07/squiz-matrix-multiple-vulnerabilities/ | Issue Tracking Third Party Advisory |
| http://devalias.net/devalias/2017/09/07/squiz-matrix-multiple-vulnerabilities/ | Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:12
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://devalias.net/devalias/2017/09/07/squiz-matrix-multiple-vulnerabilities/ - Issue Tracking, Third Party Advisory |
Information
Published : 2017-11-30 02:29
Updated : 2024-11-21 03:12
NVD link : CVE-2017-14196
Mitre link : CVE-2017-14196
CVE.ORG link : CVE-2017-14196
JSON object : View
Products Affected
squiz
- matrix
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')