0Xb455

**Name of the Vulnerable Software and Affected Versions** Craft CMS SEOmatic plugin versions prior to 3.1.4 **Description** A Server Side Template Injection (SSTI) issue was found, where requests that do not match any elements incorrectly generate the canonicalUrl. This can lead to the execution of Twig code. **Recommendations** For versions prior to 3.1.4, update to version 3.1.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the SEOmatic plugin until a patch is applied.