Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific finding, not a finding about the Squiz Matrix CMS product.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-06T00:00:00

Updated: 2024-08-03T07:39:50.259Z

Reserved: 2022-06-03T00:00:00

Link: CVE-2022-32277

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-09-06T20:15:08.553

Modified: 2024-11-21T07:06:05.403

Link: CVE-2022-32277

cve-icon Redhat

No data.