In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| nystudio107/craft-seomatic(Packagist) | 0 | 3.4.11 | N/A |
CVSS Metrics
