CVE-2013-2633

Matomo < 1.11 - Information Exposure via POST Request Parameter Logging

Title source: llm
STIX 2.1

Description

Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters.

References (1)

Core 1
Core References
Various Sources x_refsource_confirm
http://piwik.org/blog/2013/03/piwik-1-11/

Scores

EPSS 0.0099
EPSS Percentile 58.5%

Details

CWE
CWE-20
Status published
Products (23)
matomo/matomo 1.0
matomo/matomo 1.1
matomo/matomo 1.1.1
matomo/matomo 1.2
matomo/matomo 1.2.1
matomo/matomo 1.3
matomo/matomo 1.4
matomo/matomo 1.5
matomo/matomo 1.5.1
matomo/matomo 1.6
... and 13 more
Published Mar 21, 2013
Tracked Since Feb 18, 2026