Prevent content spoofing: display error if the URL is not valid #8693
Labels
c: Security
For issues that make Matomo more secure. Please report issues through HackerOne and not in Github.
Milestone
It is possible to display custom text content on any Piwik instance as follows:
Reported to security team:
I wanted to publicly acknowledge this limited security issue - maybe you have a suggestion on how this should be fixed, or whether we should fix it at all?
The text was updated successfully, but these errors were encountered: