FreeBSD : piwik -- XSS vulnerability (22775cdd-395a-11e6-b3c8-14dae9d210b8)

high Nessus Plugin ID 91790

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Piwik reports :

The Piwik Security team is grateful for the responsible disclosures by our security researchers: Egidio Romano (granted a critical security bounty), James Kettle and Pawel Bartunek (XSS) and Emanuel Bronshtein (limited XSS).

Solution

Update the affected package.

See Also

https://matomo.org/changelog/piwik-2-16-1/

http://www.nessus.org/u?42af76bd

Plugin Details

Severity: High

ID: 91790

File Name: freebsd_pkg_22775cdd395a11e6b3c814dae9d210b8.nasl

Version: 2.5

Type: local

Published: 6/24/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:piwik, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/23/2016

Vulnerability Publication Date: 4/11/2016