Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2017-1000490
- EPSS 0.34%
- Published 03.01.2018 17:29:00
- Last modified 21.11.2024 03:04:51
Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to download any file from the server that the web user has access to.
8.1
CVE-2017-1000489
- EPSS 0.27%
- Published 03.01.2018 17:29:00
- Last modified 21.11.2024 03:04:51
Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address
6.1
CVE-2017-1000488
- EPSS 0.24%
- Published 03.01.2018 16:29:00
- Last modified 21.11.2024 03:04:50
Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack when using Mautic forms on a Mautic landing page using GET parameters to pre-populate the form.
7.5
CVE-2017-1000046
- EPSS 0.28%
- Published 17.07.2017 13:18:17
- Last modified 20.04.2025 01:37:25
Mautic 2.6.1 and earlier fails to set flags on session cookies