A Server Side Template Injection (SSTI) exists in the SEOmatic plugin prior to 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nystudio107 seomatic |