Filtered by vendor Mautic
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-1000488 | 2 Acquia, Mautic | 2 Mautic, Mautic | 2021-01-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack when using Mautic forms on a Mautic landing page using GET parameters to pre-populate the form. | |||||
| CVE-2017-1000490 | 2 Acquia, Mautic | 2 Mautic, Mautic | 2021-01-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to download any file from the server that the web user has access to. | |||||
| CVE-2018-8071 | 1 Mautic | 1 Mautic | 2018-05-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mautic before v2.13.0 has stored XSS via a theme config file. | |||||
| CVE-2017-1000506 | 1 Mautic | 1 Mautic | 2018-02-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mautic version 2.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Company's name that can result in denial of service and execution of javascript code. | |||||