Matomo (Piwik) 0.5.4 (released Dec. 18, 2009) and earlier versions are not affected by this security advisory to Zend_Log (disclosed Jan. 11, 2010) because Matomo uses UTF-8.

Furthermore, Matomo (Piwik) is not affected by security advisories ZF2010-02 through ZF2010-06 because Matomo uses a subset of ZF which does not include Zend_Form, Zend_View, Zend_Dojo, Zend_Filter, Zend_File, Zend_Service, or Zend_Json.

Matomo (Piwik) users are, however, encouraged to upgrade to the latest version to take advantage of new features and bug fixes.

Reference: Potential XSS vectors due to inconsistent encodings

Any questions?

Many answers and more information about Matomo you can find here:

We are social

Follow us: