Security Advisories - mautic/core

mautic/core Security Advisories for 3.1.1-rc (27)

[MEDIUM] Mautic has an Open Redirect vulnerability on user unlock path.

PKSA-q26v-9dpb-k2fj CVE-2025-5256 GHSA-6vx9-9r2g-8373

Affected version: >=6.0.0-alpha,<6.0.2|>=5.0.0-alpha,<5.2.6|>=1.0.0,<4.4.16

Reported by:
GitHub
[MEDIUM] Mautic allows user name enumeration due to response time difference on password reset form

PKSA-s7ys-knkq-xqw6 CVE-2024-47057 GHSA-424x-cxvh-wq9p

Affected version: >=6.0.0-alpha,<6.0.2|>=5.0.0-alpha,<5.2.6|>=1.0.0,<4.4.16

Reported by:
GitHub
[MEDIUM] Mautic allows Relative Path Traversal in assets file upload

PKSA-r9y9-cx91-ppbj CVE-2022-25773 GHSA-4w2w-36vm-c8hf

Affected version: <5.2.3

Reported by:
GitHub
[HIGH] Mautic allows Improper Authorization in Reporting API

PKSA-d6g7-gn2x-xxxs CVE-2024-47053 GHSA-8xv7-g2q3-fqgc

Affected version: >=1.0.1,<5.2.3

Reported by:
GitHub
[CRITICAL] Mautic allows Remote Code Execution and File Deletion in Asset Uploads

PKSA-r8cy-ghyg-685v CVE-2024-47051 GHSA-73gx-x7r9-77x2

Affected version: <5.2.3

Reported by:
GitHub
[MEDIUM] Mautic has insufficient authentication in upgrade flow

PKSA-zrpx-tjt4-ctvz CVE-2022-25770 GHSA-qf6m-6m4g-rmrc

Affected version: >=5.0.0-alpha,<5.1.1|>=1.0.0-beta3,<4.4.13

Reported by:
GitHub
[MEDIUM] Mautic has an XSS in contact tracking and page hits report

PKSA-39c1-mjv2-cwmh CVE-2021-27917 GHSA-xpc5-rr39-v8v2

Affected version: >=5.0.0-alpha,<5.1.1|>=1.0.0-beta4,<4.4.13

Reported by:
GitHub
[MEDIUM] Mautic vulnerable to XSS in contact/company tracking (no authentication)

PKSA-x4f7-yvw2-qxkj CVE-2024-47050 GHSA-73gr-32wg-qhh7

Affected version: >=5.0.0-alpha,<5.1.1|>=2.6.0,<4.4.13

Reported by:
GitHub
[MEDIUM] Mautic vulnerable to Cross-site Scripting (XSS) - stored (edit form HTML field)

PKSA-zw3g-4t7k-356g CVE-2024-47058 GHSA-xv68-rrmw-9xwf

Affected version: >=1.0.0-beta,<4.4.13|>=5.0.0-alpha,<5.1.1

Reported by:
GitHub
[HIGH] Mautic vulnerable to Improper Access Control in UI upgrade process

PKSA-1qjd-2pbn-b37d CVE-2022-25768 GHSA-x3jx-5w6m-q2fc

Affected version: >=5.0.0-alpha,<5.1.1|>=1.1.3,<4.4.13

Reported by:
GitHub
[MEDIUM] Mautic: MST-48 Server-Side Request Forgery in Asset section

PKSA-qbyg-mfvh-bykw CVE-2022-25777 GHSA-mgv8-w49f-822w

Affected version: >=5.0.0-alpha,<5.0.4|>=1.0.0-beta4,<4.4.12

Reported by:
GitHub
[HIGH] Mautic Sensitive Data Exposure due to inadequate user permission settings

PKSA-h1nj-n1bm-2hgs CVE-2022-25776 GHSA-qjx3-2g35-6hv8

Affected version: >=5.0.0-alpha,<5.0.4|>=1.0.2,<4.4.12

Reported by:
GitHub
[MEDIUM] Mautic SQL Injection in dynamic Reports

PKSA-sy5k-g715-pnjy CVE-2022-25775 GHSA-jj6w-2cqg-7p94

Affected version: >=5.0.0-alpha,<5.0.4|>=2.14.1,<4.4.12

Reported by:
GitHub
[MEDIUM] Mautic vulnerable to cross-site scripting in notifications via saving Dashboards

PKSA-47j7-7fkf-jb1b CVE-2022-25774 GHSA-fhcx-f7jg-jx3f

Affected version: <4.4.12

Reported by:
GitHub
[HIGH] Mautic vulnerable to stored cross-site scripting in description field

PKSA-y6pk-4xsd-p383 CVE-2021-27915 GHSA-2rc5-2755-v422

Affected version: >=1.0.0-beta2,<4.4.12

Reported by:
GitHub
[CRITICAL] Cross-site Scripting vulnerability in Mautic's tracking pixel functionality

PKSA-srsk-dycm-5jdh CVE-2022-25772 GHSA-pjpc-87mp-4332

Affected version: <4.3.0

Reported by:
GitHub
[CRITICAL] Mautic stored Cross-site Scripting (XSS)

PKSA-b7h2-7psv-6msq CVE-2020-35129 GHSA-3px5-wjh3-9x6r

Affected version: <3.2.4

Reported by:
GitHub
[MEDIUM] Improper regex in htaccess file

PKSA-hj5d-wswk-kw69 CVE-2022-25769 GHSA-mj6m-246h-9w56

Affected version: >=4.0.0,<4.2.0|<3.3.5

Reported by:
GitHub
[LOW] Use of a Broken or Risky Cryptographic Algorithm

PKSA-fcy2-ts5y-y8xc CVE-2021-27913 GHSA-x7g2-wrrp-r6h3

Affected version: <4.0.0|>=3.3.0,<3.3.4|>=3.2.0,<3.3.0|>=3.1.0,<3.2.0|>=3.0.0,<3.1.0

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] XSS vulnerability on asset view

PKSA-p6sq-9ppy-k1f8 CVE-2021-27912 GHSA-rh5w-82wh-jhr8

Affected version: <4.0.0|>=3.3.0,<3.3.4|>=3.2.0,<3.3.0|>=3.1.0,<3.2.0|>=3.0.0,<3.1.0

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] XSS vulnerability on contacts view

PKSA-ykqx-7zqg-n9bn CVE-2021-27911 GHSA-72hm-fx78-xwhc

Affected version: <4.0.0|>=3.3.0,<3.3.4|>=3.2.0,<3.3.0|>=3.1.0,<3.2.0|>=3.0.0,<3.1.0

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] Stored XSS vulnerability on Bounce Management Callback

PKSA-dh3n-xcj8-kwbq CVE-2021-27910 GHSA-86pv-95mj-7w5f

Affected version: <4.0.0|>=3.3.0,<3.3.4|>=3.2.0,<3.3.0|>=3.1.0,<3.2.0|>=3.0.0,<3.1.0

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] XSS vulnerability on password reset page

PKSA-rqyb-wvf2-m87b CVE-2021-27909 GHSA-32hw-3pvh-vcvc

Affected version: <4.0.0|>=3.3.0,<3.3.4|>=3.2.0,<3.3.0|>=3.1.0,<3.2.0|>=3.0.0,<3.1.0

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] Secret data exfiltration via symfony parameters

PKSA-ftms-7tmx-dwmz CVE-2021-27908 GHSA-4hjq-422q-4vpx

Affected version: >=3.3.0,<3.3.2|>=3.2.0,<3.3.0|>=3.1.0,<3.2.0|<3.1.0

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] Mautic core - Moderately Critical - XSS vulnerability when creating/editing a company

PKSA-cjzg-6rfp-qkfk CVE-2021-3142 GHSA-p7v4-gm6j-cw9m

Affected version: >=3.2.0,<3.2.4|>=3.1.0,<3.2.0|>=3.0.0,<3.1.0|>=2.0.0,<2.16.5

Reported by:
GitHub, FriendsOfPHP/security-advisories
[CRITICAL] Mautic core - Highly Critical - XSS vulnerability leveraged through referrers could allow un-authorized admin access

PKSA-ysg5-6d2n-7swq CVE-2020-35125 GHSA-42q7-95j7-w62m

Affected version: >=3.2.0,<3.2.4|>=3.1.0,<3.2.0|>=3.0.0,<3.1.0|>=2.0.0,<2.16.5

Reported by:
GitHub, FriendsOfPHP/security-advisories
[CRITICAL] Mautic core - Highly Critical - XSS vulnerability leveraged through referrers could allow un-authorized admin access

PKSA-d4dv-g651-gm2b CVE-2020-35124 GHSA-39wj-j3jc-858m

Affected version: >=3.2.0,<3.2.4|>=3.1.0,<3.2.0|>=3.0.0,<3.1.0|>=2.0.0,<2.16.5

Reported by:
GitHub, FriendsOfPHP/security-advisories

mautic/core Security Advisories for 3.1.1-rc (27)

[MEDIUM] Mautic has an Open Redirect vulnerability on user unlock path.

[MEDIUM] Mautic allows user name enumeration due to response time difference on password reset form

[MEDIUM] Mautic allows Relative Path Traversal in assets file upload

[HIGH] Mautic allows Improper Authorization in Reporting API

[CRITICAL] Mautic allows Remote Code Execution and File Deletion in Asset Uploads

[MEDIUM] Mautic has insufficient authentication in upgrade flow

[MEDIUM] Mautic has an XSS in contact tracking and page hits report

[MEDIUM] Mautic vulnerable to XSS in contact/company tracking (no authentication)

[MEDIUM] Mautic vulnerable to Cross-site Scripting (XSS) - stored (edit form HTML field)

[HIGH] Mautic vulnerable to Improper Access Control in UI upgrade process

[MEDIUM] Mautic: MST-48 Server-Side Request Forgery in Asset section

[HIGH] Mautic Sensitive Data Exposure due to inadequate user permission settings

[MEDIUM] Mautic SQL Injection in dynamic Reports

[MEDIUM] Mautic vulnerable to cross-site scripting in notifications via saving Dashboards

[HIGH] Mautic vulnerable to stored cross-site scripting in description field

[CRITICAL] Cross-site Scripting vulnerability in Mautic's tracking pixel functionality

[CRITICAL] Mautic stored Cross-site Scripting (XSS)

[MEDIUM] Improper regex in htaccess file

[LOW] Use of a Broken or Risky Cryptographic Algorithm

[HIGH] XSS vulnerability on asset view

[HIGH] XSS vulnerability on contacts view

[HIGH] Stored XSS vulnerability on Bounce Management Callback

[MEDIUM] XSS vulnerability on password reset page

[MEDIUM] Secret data exfiltration via symfony parameters

[HIGH] Mautic core - Moderately Critical - XSS vulnerability when creating/editing a company

[CRITICAL] Mautic core - Highly Critical - XSS vulnerability leveraged through referrers could allow un-authorized admin access

[CRITICAL] Mautic core - Highly Critical - XSS vulnerability leveraged through referrers could allow un-authorized admin access