CVE-2013-2633
Matomo < 1.11 - Information Exposure via POST Request Parameter Logging
Title source: llmDescription
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://piwik.org/blog/2013/03/piwik-1-11/
Scores
EPSS
0.0099
EPSS Percentile
58.5%
Details
CWE
CWE-20
Status
published
Products (23)
matomo/matomo
1.0
matomo/matomo
1.1
matomo/matomo
1.1.1
matomo/matomo
1.2
matomo/matomo
1.2.1
matomo/matomo
1.3
matomo/matomo
1.4
matomo/matomo
1.5
matomo/matomo
1.5.1
matomo/matomo
1.6
... and 13 more
Published
Mar 21, 2013
Tracked Since
Feb 18, 2026