CVE-2017-14198

Publication date

2017-11-30 02:00:00

Family

mitre

State

PUBLISHED

Description

An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. Authenticated users with permissions to edit design assets can cause Remote Code Execution (RCE) via a maliciously crafted time_format tag.