[KIS-2016-13] Piwik <= 2.16.0 (saveLayout) PHP Object Injection Vulnerability

Posted by Egidio Romano on Nov 07

—————————————————————
Piwik <= 2.16.0 (saveLayout) PHP Object Injection Vulnerability
—————————————————————

[-] Software Link:

https://piwik.org/

[-] Affected Versions:

Version 2.16.0 and prior versions.

[-] Vulnerability Description:

The vulnerability can be triggered through the saveLayout() method
defined in /plugins/Dashboard/Controller.php:

210….

Leave a Reply