Vulnerabilities > Squiz > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-06 | CVE-2022-32277 | Authorization Bypass Through User-Controlled Key vulnerability in Squiz Matrix 6.20 Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. | 5.3 |
| 2017-11-30 | CVE-2017-14197 | Cross-site Scripting vulnerability in Squiz Matrix An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. | 6.1 |