VYPR
Medium severity5.3NVD Advisory· Published Sep 6, 2022· Updated Jun 17, 2026

CVE-2022-32277

CVE-2022-32277

Description

Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific finding, not a finding about the Squiz Matrix CMS product.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Squiz/Matrixcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 6.20

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.