Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

mautic/core

packagist

Mautic Open Source Distribution

View on github.com · View on packagist.org

Security Advisories for mautic/core in packagist

Moderate
about 2 months ago

Mautic Vulnerable to User Enumeration via Response Timing GSA_kwCzR0hTQS0zZ2d2LXF3Y3AtajZ4Z84ABLo1

packagist mautic/core
Moderate
about 2 months ago

Mautic vulnerable to reflected XSS in lead:addLeadTags - Quick Add GSA_kwCzR0hTQS05djhwLW04NW0tZjdtbc4ABLo0

packagist mautic/core
Moderate
about 2 months ago

Mautic vulnerable to secret data extraction via elfinder GSA_kwCzR0hTQS00MzhtLTZtaHctaHE1d84ABLoz

packagist mautic/core
Low
about 2 months ago

Mautic vulnerable to SSRF via webhook function GSA_kwCzR0hTQS1oajZmLTdocDcteGc2Oc4ABLoy

packagist mautic/core
Moderate
5 months ago

Mautic has an Open Redirect vulnerability on user unlock path. GSA_kwCzR0hTQS02dng5LTlyMmctODM3M84ABIbu

packagist mautic/core
Moderate
5 months ago

Mautic segment cloning doesn't have a proper permission check GSA_kwCzR0hTQS12cGg1LWdocTMtcTc4Ms4ABIbt

packagist mautic/core
Moderate
5 months ago

Mautic allows user name enumeration due to response time difference on password reset form GSA_kwCzR0hTQS00MjR4LWN4dmgtd3E5cM4ABIbs

packagist mautic/core
Moderate
5 months ago

Mautic does not shield .env files from web traffic GSA_kwCzR0hTQS1oMndnLXY4d2ctamh4aM4ABIbr

packagist mautic/core
Moderate
5 months ago

Mautic's Predictable Page Indexing Might Lead to Sensitive Data Exposure GSA_kwCzR0hTQS1jcXg0LTl2cWYtcTNtOM4ABIbq

packagist mautic/core
Moderate
8 months ago

Mautic allows Relative Path Traversal in assets file upload GSA_kwCzR0hTQS00dzJ3LTM2dm0tYzhoZs4ABEx7

packagist mautic/core
High
8 months ago

Mautic allows Improper Authorization in Reporting API GSA_kwCzR0hTQS04eHY3LWcycTMtZnFnY84ABEx6

packagist mautic/core
Critical
8 months ago

Mautic allows Remote Code Execution and File Deletion in Asset Uploads GSA_kwCzR0hTQS03M2d4LXg3cjktNzd4Ms4ABEx5

packagist mautic/core
Moderate
about 1 year ago

Mautic allows users enumeration due to weak password login GSA_kwCzR0hTQS04dmZmLTM1cW0tcWp2ds4AA_rk

packagist mautic/core
Moderate
about 1 year ago

Mautic has insufficient authentication in upgrade flow GSA_kwCzR0hTQS1xZjZtLTZtNGctcm1yY84AA_rj

packagist mautic/core-lib, mautic/core
Moderate
about 1 year ago

Mautic has an XSS in contact tracking and page hits report GSA_kwCzR0hTQS14cGM1LXJyMzktdjh2Ms4AA_ri

packagist mautic/core, mautic/core-lib
Moderate
about 1 year ago

Mautic vulnerable to XSS in contact/company tracking (no authentication) GSA_kwCzR0hTQS03M2dyLTMyd2ctcWhoN84AA_rh

packagist mautic/core-lib, mautic/core
Moderate
about 1 year ago

Mautic vulnerable to Cross-site Scripting (XSS) - stored (edit form HTML field) GSA_kwCzR0hTQS14djY4LXJybXctOXh3Zs4AA_rg

packagist mautic/core-lib, mautic/core
High
about 1 year ago

Mautic vulnerable to Improper Access Control in UI upgrade process GSA_kwCzR0hTQS14M2p4LTV3Nm0tcTJmY84AA_rI

packagist mautic/core, mautic/core-lib
Critical
over 1 year ago

Mautic is vulnerable to XSS vulnerability GSA_kwCzR0hTQS00MnE3LTk1ajctdzYybc4AA8GE

packagist mautic/core
Moderate
over 1 year ago

Mautic: MST-48 Server-Side Request Forgery in Asset section GSA_kwCzR0hTQS1tZ3Y4LXc0OWYtODIyd84AA69_

packagist mautic/core
High
over 1 year ago

Mautic Sensitive Data Exposure due to inadequate user permission settings GSA_kwCzR0hTQS1xangzLTJnMzUtNmh2OM4AA69Z

packagist mautic/core
Moderate
over 1 year ago

Mautic SQL Injection in dynamic Reports GSA_kwCzR0hTQS1qajZ3LTJjcWctN3A5NM4AA69Y

packagist mautic/core
High
over 1 year ago

Mautic vulnerable to Relative Path Traversal / Arbitrary File Deletion due to GrapesJS builder GSA_kwCzR0hTQS05ZmN4LWN2NTYtdzU4cM4AA69X

packagist mautic/core
Moderate
over 1 year ago

Mautic vulnerable to cross-site scripting in notifications via saving Dashboards GSA_kwCzR0hTQS1maGN4LWY3amctangzZs4AA68T

packagist mautic/core
High
over 1 year ago

Mautic vulnerable to stored cross-site scripting in description field GSA_kwCzR0hTQS0ycmM1LTI3NTUtdjQyMs4AA671

packagist mautic/core
Critical
over 3 years ago

Cross-site Scripting vulnerability in Mautic's tracking pixel functionality GSA_kwCzR0hTQS1wanBjLTg3bXAtNDMzMs4AArNG

packagist mautic/core
Critical
over 3 years ago

Mautic stored Cross-site Scripting (XSS) GSA_kwCzR0hTQS0zcHg1LXdqaDMtOXg2cs4AArCb

packagist mautic/core
Critical
over 3 years ago

Mautic stored Cross-site Scripting (XSS) GSA_kwCzR0hTQS05OGoyLTNqdjctMjc0bc4AAnQi

packagist mautic/core
Moderate
over 3 years ago

Mautic Cross Site Scripting (XSS) vulnerability GSA_kwCzR0hTQS0zNTh2LWNxamMtMnBjcc4AAXVw

packagist mautic/core
High
over 3 years ago

Sensitive Cookie Without HttpOnly and Secure Flag GSA_kwCzR0hTQS04MjU1LXFmMzQtNDRtcM4AAR1d

packagist mautic/core
High
over 3 years ago

Mautic Cross-Site Request Forgery (CSRF) GSA_kwCzR0hTQS03dnZoLXhxcTQtdzc3N83zUg

packagist mautic/core
Moderate
over 3 years ago

Improper regex in htaccess file GSA_kwCzR0hTQS1tajZtLTI0NmgtOXc1Ns0vhQ

packagist mautic/core
Low
about 4 years ago

Use of a Broken or Risky Cryptographic Algorithm MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3ZzItd3JycC1yNmgz

packagist mautic/core
Moderate
about 4 years ago

XSS vulnerability on password reset page MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyaHctM3B2aC12Y3Zj

packagist mautic/core
High
about 4 years ago

Stored XSS vulnerability on Bounce Management Callback MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2cHYtOTVtai03dzVm

packagist mautic/core
High
about 4 years ago

XSS vulnerability on contacts view MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcyaG0tZng3OC14d2hj

packagist mautic/core
High
about 4 years ago

XSS vulnerability on asset view MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJoNXctODJ3aC1qaHI4

packagist mautic/core
Moderate
over 4 years ago

Mautic vulnerable to secret data exfiltration via symfony parameters MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRoanEtNDIycS00dnB4

packagist mautic/core
High
almost 5 years ago

XSS in Mautic MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3djQtZ202ai1jdzlt

packagist mautic/core
Moderate
almost 5 years ago

CSV Injection vulnerability with exported contact lists in Mautic MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI5djktMmZweC1qNWc5

packagist mautic/core
Moderate
almost 5 years ago

XSS vulnerability in company name field in Mautic MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTloeDctcmc3dy14bTc5

packagist mautic/core
Moderate
almost 5 years ago

Inline JS XSS vulnerability in Mautic MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqaHItYzIzZi13NzZx

packagist mautic/core
High
almost 5 years ago

Mautic Sessions could be hijacked due to tracking contacts by an auto-incremented ID MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmeGotcWc5My03d3dj

packagist mautic/core
High
almost 5 years ago

Disabled users able to log in with third party SSO plugin MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4OTgtZng5ai03Yzc4

packagist mautic/core
Moderate
almost 5 years ago

XSS vulnerability in theme config file in Mautic MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3NzQtang3bS14Nmh2

packagist mautic/core
Moderate
almost 5 years ago

XSS vulnerability in Author URL of themes in Mautic MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjZjctY2o4cS1wY2pt

packagist mautic/core
Moderate
almost 5 years ago

Mautic users able to download any files from server using filemanager MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwZ3ctMmM3Mi00Yzg5

packagist mautic/core
Critical
almost 5 years ago

XSS vulnerability leveraged through referrers could allow un-authorized admin access in Mautic MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM5d2otajNqYy04NTht

packagist mautic/core

Filter by Severity

Moderate 27 High 13 Critical 6 Low 2