
Mautic Core vulnerabilities

49 known vulnerabilities affecting mautic/core.

Total CVEs: 49
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 7, HIGH 13, MEDIUM 27, LOW 2

Vulnerabilities

Page 3 of 3
CVE-2017-1000506 | P4 | MEDIUM | affected: ≥ 0, < 2.14.2 | 2022-05-14
CVE-2017-1000506 [MEDIUM] CWE-79 Mautic Cross Site Scripting (XSS) vulnerability. Mautic version 2.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Company's name that can result in denial of service and execution of javascript code.
CVE-2024-47055 | P4 | MEDIUM | affected: ≥ 5.0.0-alpha, < 5.2.6; ≥ 6.0.0-alpha, < 6.0.2 | 2025-05-28
CVE-2024-47055 [MEDIUM] CWE-284 Mautic segment cloning doesn't have a proper permission check. ### Summary This advisory addresses a security vulnerability in Mautic related to the segment cloning functionality. This vulnerability allows any authenticated user to clone segments without proper authorization checks. Insecure Direct Object Reference (IDOR) / Missing Authorization: A missing authorization vulnerability exists in the `clo
CVE-2024-47059 | P4 | MEDIUM | affected: ≥ 5.1.0, < 5.1.1 | 2024-09-18
CVE-2024-47059 [MEDIUM] CWE-200 Mautic allows users enumeration due to weak password login. ### Summary When logging in with the correct username and incorrect weak password, the user receives the notification that their password is too weak. However, when an incorrect username is provided alongside a weak password, the application responds with an 'Invalid credentials' notification. This difference could be used to perform username
CVE-2021-27908 | P4 | MEDIUM | affected: ≥ 0, < 3.3.2 | 2021-04-06
CVE-2021-27908 [MEDIUM] CWE-732 Mautic vulnerable to secret data exfiltration via symfony parameters. ### Impact Symfony parameters (which is what Mautic transforms configuration parameters into) can be used within other Symfony parameters by design. However, this also means that an admin who is normally not privy to certain parameters, such as database credentials, could expose them by leveraging any of the free text fields in
CVE-2024-47058 | P4 | MEDIUM | affected: ≥ 5.0.0-alpha, < 5.1.1; ≥ 1.0.0-beta, < 4.4.13 | 2024-09-18
CVE-2024-47058 [MEDIUM] CWE-79 Mautic vulnerable to Cross-site Scripting (XSS) - stored (edit form HTML field). ### Impact With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the HTML field. This could be used to steal sensitive information from the user's current session. ### Patches Upgrade to 4.4.13 or 5.1.1 or later. ### Workarounds None ### References - https://owasp.org/www
CVE-2021-27913 | P4 | LOW | affected: ≥ 0, < 3.3.4; ≥ 4.0.0-alpha1, < 4.0.0 | 2021-09-01
CVE-2021-27913 [LOW] CWE-327 Use of a Broken or Risky Cryptographic Algorithm. ## ✍️ Description The function mt_rand is used to generate session tokens. This function is cryptographically flawed due to its pseudorandom nature; an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control. ## 🕵️‍♂️ Proof of Concept Numerous examples
CVE-2025-9821 | P4 | LOW | affected: ≥ 4.4.0, < 4.4.17; ≥ 5.0.0-alpha, < 5.2.8 (+1 more) | 2025-09-03
CVE-2025-9821 [LOW] CWE-918 Mautic vulnerable to SSRF via webhook function. ### Summary Users with webhook permissions can conduct SSRF via webhooks. If they have permission to view the webhook logs, the (partial) request response is also disclosed. ### Details When sending webhooks, the destination is not validated, causing SSRF. ### Impact Bypass of firewalls to interact with internal services. See https://owasp.org/Top10/A10_2021-Server-Side_Req
CVE-2018-8092 | MEDIUM | affected: ≥ 0, < 2.13.0 | 2021-01-19
CVE-2018-8092 [MEDIUM] CWE-1236 CSV Injection vulnerability with exported contact lists in Mautic. ### Impact Mautic versions before 2.13.0 had a vulnerability that allowed a CSV injection with exported contact lists - https://www.owasp.org/index.php/CSV_Injection. ### Patches Update to 2.13.0 or later. ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at [secur
CVE-2021-3142 | HIGH | affected: ≥ 3.0.0, < 3.2.4; ≥ 2.0.0, < 2.16.5 | 2021-01-29
CVE-2021-3142 [HIGH] CWE-79 XSS in Mautic. ### Impact This is a cross-site scripting vulnerability relating to creating/editing a company which requires the user to be logged in as an administrator to be executed. This vulnerability was reported by Dardan Prebreza at Bishop Fox. ### Patches Upgrade to 3.2.4 or 2.16.5. Link to patch for 2.x versions: https://github.com/mautic/mautic/compare/2.16.4...2.16.5.diff Link to patch for 3.x versions: https://github.com/mautic/mautic/com
Mautic Core vulnerabilities | cvebase