CVE-2018-14716

HIGH

SEOmatic <3.1.4 - SSTI

Description

A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code.

Exploits (2)

exploitdb WORKING POC
by 0xB455 · text · webapps · linux
https://www.exploit-db.com/exploits/45108
nomisec WRITEUP 1 star
by 0xB455 · poc
https://github.com/0xB455/CVE-2018-14716

Scores

CVSS v3 7.5
EPSS 0.6061
EPSS Percentile 98.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-94
Status published
Products (2)
nystudio107/craft-seomatic 0 - 3.1.4 (Packagist)
nystudio107/seomatic < 3.1.4
Published Aug 06, 2018
Tracked Since Feb 18, 2026