You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Mautic vulnerable to stored cross-site scripting in description field
High severity
GitHub Reviewed
Published
Apr 11, 2024
in
mautic/mautic
•
Updated Sep 30, 2024
Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissions.
This could lead to the user having elevated access to the system.
Impact
Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissions.
This could lead to the user having elevated access to the system.
Patches
Update to 4.4.12
Workarounds
None
References
If you have any questions or comments about this advisory:
Email us at [email protected]
References