Mautic Cross Site Scripting (XSS) vulnerability

2022-05-1403:41:55

Google

osv.dev

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.1%

JSON

Mautic version 2.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Company’s name that can result in denial of service and execution of javascript code.

CPENameOperatorVersion
mautic/coreeq2.11.0
mautic/coreeq2.6.1
mautic/coreeq2.10.0-beta
mautic/coreeq1.4.0
mautic/coreeq2.0.1
mautic/coreeq1.3.0
mautic/coreeq2.2.1
mautic/coreeq2.12.1
mautic/coreeq1.0.0-rc4
mautic/coreeq2.7.0

Name	Operator	Version
mautic/core	eq	2.11.0
mautic/core	eq	2.6.1
mautic/core	eq	2.10.0-beta
mautic/core	eq	1.4.0
mautic/core	eq	2.0.1
mautic/core	eq	1.3.0
mautic/core	eq	2.2.1
mautic/core	eq	2.12.1
mautic/core	eq	1.0.0-rc4
mautic/core	eq	2.7.0