Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific finding, not a finding about the Squiz Matrix CMS product.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-06T00:00:00
Updated: 2024-08-03T07:39:50.259Z
Reserved: 2022-06-03T00:00:00
Link: CVE-2022-32277
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-09-06T20:15:08.553
Modified: 2024-11-21T07:06:05.403
Link: CVE-2022-32277
Redhat
No data.