PT-2022-21716 · Typo3 · Wp-Matomo Integration

Chris Müller · Published 2022-06-17 · Updated 2024-03-06 · CVE-2022-33156

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Matomo integration extension versions prior to 1.3.2

Description

The issue allows for XSS due to the extension's failure to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit this issue.

Recommendations

For Matomo integration extension versions prior to 1.3.2, update to version 1.3.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the extension to minimize the risk of exploitation.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

BIT-MATOMO-2022-33156
CVE-2022-33156
GHSA-GVXV-P9RV-GMCG

Affected Products

Wp-Matomo Integration