Matomo Response to ZF2011-02 Security Advisory

The current version of Matomo (Piwik) is not affected by this vulnerability. Since version 0.5 (released December 2009), Matomo checks (and sets, if required) the MySQL connection charset to UTF-8.

Matomo users are, however, encouraged to upgrade to the latest versions of Matomo and PHP to take advantage of new features and bug fixes.

Reference: ZF2011-02: Potential SQL Injection Vector When Using PDO_MySql

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on print
Share on email