Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-14716 — Code Injection in Seomatic

CWE-94 — Code Injection4 documents4 sources

Severity

7.5HIGHNVD

EPSS

60.6%

top 1.71%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Nystudio107 Seomatic Nystudio107 Craft-seomatic

Timeline

PublishedAug 6

Latest updateMay 13

Description

A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶Packagistnystudio107/craft-seomatic< 3.1.4

▶NVDnystudio107/seomatic< 3.1.4

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

SEOmatic plugin for Craft CMS SSTI Vulnerability↗2022-05-13

▶

GHSA

SEOmatic plugin for Craft CMS SSTI Vulnerability↗2022-05-13

▶

💥Exploits & PoCs

Exploit-DB

Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection↗2018-07-31

▶