Описание
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| matomo | not-affected | package |
EPSS
Процентиль: 49%
0.00257
Низкий
Связанные уязвимости
nvd
почти 13 лет назад
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters.
github
больше 3 лет назад
Piwik (now Matomo) Reveals Sensitive Information by Accepting Input from `POST` Requests
EPSS
Процентиль: 49%
0.00257
Низкий