CVE-2020-35124
Published: 2021-01-28
Priority: P337 · Severity: critical, 9.6 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:H / I:H / A:H
EPSS: 2.40% (81.9th percentile)
A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acquia | mautic | < 2.16.5 | 2.16.5 |
| acquia | mautic | < 3.2.4 | 3.2.4 |
| acquia | mautic | >= 3.0.0 < 3.2.4 | 3.2.4 |
| mautic | core | >= 2.0.0 < 2.16.5 | 2.16.5 |
| mautic | core | >= 3.0.0 < 3.2.4 | 3.2.4 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 9.6 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
| NVD | 2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
GHSA · 2021-01-19
CVE-2020-35124 [CRITICAL] CWE-79: XSS vulnerability leveraged through referrers could allow un-authorized admin access in Mautic
### Impact
This is a cross-site scripting vulnerability which affects every version of Mautic and could allow an attacker unauthorised administrator-level access to Mautic.
This vulnerability was reported by Naveen Sunkavally at Horizon3.ai.
### Patches
Upgrade to 3.2.4 or 2.16.5.
Link to patch for 2.x versions: https://github.com/mautic/mautic/compare/2.16.4...2.16.5.diff
Link to patch for 3.x versions: https://github.com/mautic/mautic/compare/3.2.2...3.2.4.diff
### Workarounds
None
### For more information
If you have any questions or comments about this advisory:
* Post in https://forum.mautic.org/c/support
* Email us at [email protected]
OSV · 2021-01-19
CVE-2020-35124 [CRITICAL]: XSS vulnerability leveraged through referrers could allow un-authorized admin access in Mautic
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
* https://forum.mautic.org/c/announcements/16
* https://github.com/mautic/mautic/security/advisories/GHSA-39wj-j3jc-858m
* https://www.horizon3.ai/disclosures/mautic-unauth-xss-to-rce
* https://www.mautic.org/blog/community/security-release-all-versions-mautic-prior-2-16-5-and-3-2-4